Terraform 脚本 Windows 模块设置帐户锁定策略和最小密码长度 Azure
[英]Terraform script Windows Module set account lockout policy & minimum password length Azure
问题描述
I am working on a Azure Terraform script, recently installed windows module when windows bootup there is no Account Lockout Policy & Minimum Password Length Policy set by default, is there any way I can define in terraform script in windows module. 谢谢。
resource "azurerm_virtual_machine_extension" "vm" {
name = var.vm_hostname
count = (var.is_windows_image || contains(list(var.vm_os_simple, var.vm_os_offer), "WindowsServer")) ? var.nb_instances : 0
virtual_machine_id = azurerm_virtual_machine.vm-windows[count.index].id
publisher = "Microsoft.Azure.Extensions"
type = "CustomScript"
type_handler_version = "2.0"
settings = <<SETTINGS
{
"commandToExecute": "net accounts /minpwlen:8 && net accounts /maxpwage:45 && net accounts /minpwage:0 && net accounts /lockoutduration:30 && net accounts /lockoutthreshold:3 "
}
SETTINGS
}
我得到了错误。
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [10s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [20s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [30s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [40s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [50s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [1m0s elapsed]
Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension '`HOSTNAME'. Error message: \"Extension '' of Handler 'Microsoft.Azure.Extensions.CustomScript' version '1.0' faulted due to exception during extension processing\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionCSELinuxTroubleshoot "
on ..\..\modules\windowsservers\main.tf line 194, in resource "azurerm_virtual_machine_extension" "vm":
194: resource "azurerm_virtual_machine_extension" "vm" {
2 个解决方案
解决方案1
0 2020-12-16 01:51:14
如果要在创建时配置 Windows VM,可以使用cloud-init 和 PowerShell 脚本。 在 terraform 中,您可以使用custom_data 。 如果您不关心何时配置,您可以在使用资源azurerm_virtual_machine_extension创建 VM 后使用 VM 扩展来执行您想要的操作。
解决方案2
0 已采纳 2020-12-16 12:51:29
resource "azurerm_virtual_machine_extension" "vm" {
name = "${var.vm_hostname}-${count.index}"
count = (var.is_windows_image || contains(list(var.vm_os_simple, var.vm_os_offer), "WindowsServer")) ? var.nb_instances : 0
virtual_machine_id = azurerm_virtual_machine.vm-windows[count.index].id
publisher = "Microsoft.Compute"
type = "CustomScriptExtension"
type_handler_version = "1.9"
settings = <<SETTINGS
{
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command net accounts /minpwlen:8 && net accounts /maxpwage:45 && net accounts /minpwage:0 && net accounts /lockoutduration:30 && net accounts /lockoutthreshold:3 "
}
SETTINGS
}
这是解决我的问题的一段代码,我一直在做的这个错误是使用了错误的扩展名,这是 Linux 正确的扩展名,代码粘贴在这里。
如何使用Powershell脚本更改Windows服务帐户域名和密码?
[英]How to change windows services account domain name and password using powershell script?
可以使用 ADSI 为首次登录时需要更改的 Windows 帐户设置密码吗
[英]Can ADSI be used to set password for windows account requiring change at first logon
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.