Question Installation SQL Server 2008R2
il y a 11 ans 7 mois #12629
par SiSMik
Réponse de SiSMik sur le sujet Re:Installation SQL Server 2008R2
benduru écrit:
Un premier jet de la prochaine versions de l'installeur...
Si vous avez des idées/commentaires... je suis preneur
(même des critiques hein)
Bonne digestion
[code:1]
param(
[Parameter(Mandatory=$true)]
[string]$SAPassword,
[Parameter(Mandatory=$false)]
[Int]$TCPPort = 1433,
[Parameter(Mandatory=$true)]
[String]$ServicePassword,
[Parameter(Mandatory=$true)]
[string]$Serial,
[String]$SourcesLocation = \"C:\Temp\SQL\STD\sources\\",
[String]$ScriptLocation = \"C:\Temp\SQL\STD\scripts\\",
[String]$SystemDisk = \"E:\\",
[String]$SystemDBDisk = \"E:\\",
[String]$UserDataDisk = \"E:\\",
[String]$UserLogDisk = \"E:\\",
[String]$BackupDisk = \"E:\\",
[String]$TempDBDisk = \"E:\\",
[String]$TempLogDisk = \"E:\\",
[String]$ASTempDBDisk = \"E:\\",
[String]$ASDataDisk = \"E:\\",
[String]$ASLogDisk = \"E:\\",
[String]$ASConfigDisk = \"E:\\",
[String]$InstanceName = \"MSSQLSERVER\",
[String]$TempDBSize = \"256MB\",
[String]$TempDBMaxSize = \"512MB\",
[String]$TempDBFileGrowth = \"64MB\",
[String]$SQLCollation = \"French_CI_AS\",
[Switch]$AutoTune,
[Switch]$NamedPipe,
[Switch]$WindowsAuthent,
[Switch]$AS,
[Switch]$RS,
[Switch]$IS,
[Switch]$TOOLS,
[ValidateSet(0,1,2,3)]
[Int]$FT = 0,
[String]$FILESTREAMSHARENAME,
[Switch]$SQLENGINE,
[Switch]$REPLICATION
)
# ~~ Functions declaration
function Write-Log {
param(
[Parameter(Mandatory=$true)]
[Int]$id,
[Parameter(Mandatory=$true)]
[ValidateSet(\"Error\",\"SuccessAudit\",\"Warning\"«»)]
[string]$Status,
[String]$date = (Get-Date),
[String]$logfile = \"C:\log\log.txt\",
[String]$server = $env:computername,
[String]$Source,
[String]$LogName,
[String]$ResourceFile,
[Switch]$Event,
[String]$Msg
)
if ($Event) {
if (!(Get-EventLog -LogName $LogName)) {
if (!(Test-Path $ResourceFile)) {
Write-Error -msg \"The file $($ResourceFile) should be present to create the New Event log\"
return $false
}
New-Eventlog -Source $Source -logname $LogName -CategoryResourceFile $ResourceFile
}
if (Get-EventLog -LogName $LogName) {
Write-EventLog -LogName $LogName -EventID $id -Message $msg -EntryType $Status -Source $Source
}
else {
Write-Error -msg \"The Event log $($LogName) doesn't exist or is not accesible\"
return $false
}
}
echo \"$date $server : $Status : $msg\" >> $logfile
if ($Status -eq \"Error\"«») {
Write-Error -Message \"$CurrentDate $server : $Status : $msg\"
if ($error) {
$error >> $logfile
$error.clear()
}
exit $id
}
elseif ($Status -eq \"Warning\"«») {
Write-Warning -Message \"$CurrentDate $server : $Status : $msg\"
}
else {
Write-Verbose -Message \"$CurrentDate $server : $Status : $msg\"
}
}
function New-ServiceAccount {
param(
[string]$Account,
[string]$Description,
[String]$Label
)
$d = New-Object PSObject
$d.PsObject.TypeNames[0] = \"PSSqlServerServiceAccount\"
$d |
Add-Member -Name account -MemberType NoteProperty -Value $account -pass|
Add-Member -Name Description -MemberType NoteProperty -Value \"Service account $Description\" -pass|
Add-Member -Name Label -MemberType NoteProperty -Value $Label -pass
}
function New-SQLServerPath {
param(
[string]$Path,
[string]$Description,
[String]$Label
)
$d = New-Object PSObject
$d.PsObject.TypeNames[0] = \"PSSqlServerPath\"
$d |
Add-Member -Name Path -MemberType NoteProperty -Value $Path -pass|
Add-Member -Name Description -MemberType NoteProperty -Value $Description -pass|
Add-Member -Name Label -MemberType NoteProperty -Value $label -pass
}
Function Create-LocalUser {
param(
[string]$user,
[string]$password,
[string]$Description
)
Write-Debug \"Creating User: $user\"
$objOu = [ADSI]\"WinNT://localhost\"
$objUser = $objOU.Create(\"User\", $user)
$objUser.setpassword($password)
$objUser.Setinfo()
$objUser.PasswordChangeable=0
$objUser.PasswordExpires=0
$objUser.description = \"$Description\"
$objUser.psbase.commitchanges()
}
function New-SQLService {
param(
[string]$name,
[string]$shortname,
[string]$startup
)
$d = New-Object PSObject
$d.PsObject.TypeNames[0] = \"PSSqlServerPath\"
$d |
Add-Member -Name name -MemberType NoteProperty -Value $name -pass|
Add-Member -Name shortname -MemberType NoteProperty -Value $shortname -pass|
Add-Member -Name startup -MemberType NoteProperty -Value $startup -pass
}
function Set-Permission {
param (
[String]$path,
[String]$Account
)
$ACLPath = Get-Acl $path
$SQLPermission = \"$Account\",\"FullControl\",\"Allow\"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $SQLPermission
$ACLPath.SetAccessRule($AccessRule)
$ACLPath | Set-Acl $path
}
# ~~ Create Custom Objects for convenience...
$Accounts = @(
New-ServiceAccount -Account \"svc_sqls\" -Description \"SQL Server\" -label \"SQLSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqla\" -Description \"SQL Server Agent\" -label \"AGTSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlb\" -Description \"SQL Server Browser\" -label \"\";
New-ServiceAccount -Account \"svc_sqli\" -Description \"SQL Server Integration service\" -label \"ISSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlas\" -Description \"SQL Server Analysis service\" -label \"ASSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlrs\" -Description \"SQL Server Reporting Service\" -label \"RSSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlft\" -Description \"SQL Server Full Text Search\" -label \"FTSVCACCOUNT\";
)
$Paths = @(
New-SQLServerPath -Path $SystemDisk'system_db' -Description \"SystemDisk\" -label \"SQL\";
New-SQLServerPath -Path $SystemDBDisk'system_db_x86' -Description \"SystemDBDisk\" -label \"SQL\";
New-SQLServerPath -Path $ASDataDisk'AS_data' -Description \"ASDataDisk\" -label \"AS\";
New-SQLServerPath -Path $ASLogDisk'AS_log_db' -Description \"ASLogDisk\" -label \"AS\";
New-SQLServerPath -Path $BackupDisk'backup_db' -Description \"BackupDisk\" -label \"SQL\";
New-SQLServerPath -Path $ASTempDBDisk'AS_temp' -Description \"ASTempDBDisk\" -label \"AS\";
New-SQLServerPath -Path $ASConfigDisk'config_db' -Description \"ASConfigDisk\" -label \"AS\";
New-SQLServerPath -Path $UserDataDisk'user_db' -Description \"UserDataDisk\" -label \"SQL\";
New-SQLServerPath -Path $UserLogDisk'log_db' -Description \"UserLogDisk\" -label \"SQL\";
New-SQLServerPath -Path $TempDBDisk'temp_db' -Description \"TempDBDisk\" -label \"SQL\";
New-SQLServerPath -Path $TempLogDisk'temp_log_db' -Description \"TempLogDisk\" -label \"SQL\";
)
$Services = @(
New-SQLService -name \"SQL Server (\" + $InstanceName + \"«»)\" -shortname \"MSSQLSERVER\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Agent (\" + $InstanceName + \"«»)\" -shortname \"SQLSERVERAGENT\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Browser\" -shortname \"SQLBrowser\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Integration Services 10.0\" -shortname \"MsDtsServer100\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Analysis Services (\" + $InstanceName + \"«»)\" -shortname \"MSSQLServerOLAPService\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Reporting Services (\" + $InstanceName + \"«»)\" -shortname \"ReportServer\" -startup \"Automatic\";
New-SQLService -name \"SQL Full-text Filter Daemon Launcher (\" + $InstanceName + \"«»)\" -shortname \"MSSQLFDLauncher\" -startup \"Automatic\";
)
# ~~ Static variables
$SQLAccountLabels = @('SQLSVCACCOUNT','AGTSVCACCOUNT')
$SQLDiskLabels = @('SystemDisk','SystemDBDisk','BackupDisk','UserDataDisk','UserLogDisk','TempDBDisk','TempLogDisk')
$Rights = @(\"SeTcbPrivilege\",\"SeIncreaseQuotaPrivilege\",\"SeCreateTokenPrivilege\",
\"SeImpersonatePrivilege\",\"SeBatchLogonRight\",\"SeServiceLogonRight\",
\"SeAssignPrimaryTokenPrivilege\",\"SeManageVolumeNamePrivilege\",\"SeLockMemoryPrivilege\",\"SeChangeNotifyPrivilege\"«»)
$HKML_IPall = \"HKLM:\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10_50.\" + $InstanceName + \"\MSSQLServer\SuperSocketNetLib\Tcp\IPAll\"
$QueryMaxMemory = \"EXEC sp_configure 'show advanced options', '1'
RECONFIGURE WITH OVERRIDE
EXEC sp_configure 'min server memory', '0'
EXEC sp_configure 'max server memory', ' + CAST(@Memory AS nvarchar) + '
RECONFIGURE WITH OVERRIDE
EXEC sp_configure 'show advanced options', '0'
RECONFIGURE WITH OVERRIDE\"
$QueryMaxMeroySetted = \"select value FROM sys.configurations where Name = 'max server memory (MB«»)'\"
$TempDBadd = \"USE [master]
GO
DECLARE @cpu_count int,
@file_count int,
@logical_name sysname,
@file_name nvarchar(520),
@physical_name nvarchar(520),
@size int,
@max_size int,
@growth int,
@alter_command nvarchar(max)
SELECT @physical_name = physical_name,
@size = size / 128,
@max_size = max_size / 128,
@growth = growth / 128
FROM tempdb.sys.database_files
WHERE name = 'tempdev'
SELECT @file_count = COUNT(*)
FROM tempdb.sys.database_files
WHERE type_desc = 'ROWS'
SELECT @cpu_count = cpu_count
FROM sys.dm_os_sys_info
WHILE @file_count < @cpu_count -- Add * 0.25 here to add 1 file for every 4 cpus, * .5 for every 2 etc.
BEGIN
SELECT @logical_name = 'tempdev' + CAST(@file_count AS nvarchar)
SELECT @file_name = REPLACE(@physical_name, 'tempdb.mdf', @logical_name + '.ndf')
SELECT @alter_command = 'ALTER DATABASE [tempdb] ADD FILE ( NAME =N''' + @logical_name + ''', `
FILENAME =N''' + @file_name + ''', SIZE = ' + CAST(@size AS nvarchar) + 'MB, MAXSIZE = ' + `
CAST(@max_size AS nvarchar) + 'MB, FILEGROWTH = ' + CAST(@growth AS nvarchar) + 'MB )'
PRINT @alter_command
EXEC sp_executesql @alter_command
SELECT @file_count = @file_count + 1
END\"
$TempDBmodify = \"ALTER DATABASE tempdb MODIFY FILE ( NAME = N'tempdev', SIZE = \" + $TempDBSize + \", MAXSIZE = \" + $TempDBMaxSize + \", FILEGROWTH = \" + $TempDBFileGrowth + \" )\"
$TempLogDBmodify = \"ALTER DATABASE tempdb MODIFY FILE ( NAME = N'templog', SIZE = \" + $TempDBSize + \", MAXSIZE = \" + $TempDBMaxSize + \", FILEGROWTH = \" + $TempDBFileGrowth + \" )\"
$CountTempDBFiles = \"SELECT COUNT(*) as numcpu FROM tempdb.sys.database_files where type_desc = 'ROWS'\"
$CpuCount = \"SELECT cpu_count FROM sys.dm_os_sys_info\"
$LSAType = @'
using System;
using System.Collections.Generic;
using System.Text;
namespace MyLsaWrapper
{
using System.Runtime.InteropServices;
using System.Security;
using System.Management;
using System.Runtime.CompilerServices;
using System.ComponentModel;
using LSA_HANDLE = IntPtr;
[StructLayout(LayoutKind.Sequential)]
struct LSA_OBJECT_ATTRIBUTES
{
internal int Length;
internal IntPtr RootDirectory;
internal IntPtr ObjectName;
internal int Attributes;
internal IntPtr SecurityDescriptor;
internal IntPtr SecurityQualityOfService;
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
struct LSA_UNICODE_STRING
{
internal ushort Length;
internal ushort MaximumLength;
[MarshalAs(UnmanagedType.LPWStr)]
internal string Buffer;
}
sealed class Win32Sec
{
[DllImport(\"advapi32\", CharSet = CharSet.Unicode, SetLastError = true),
SuppressUnmanagedCodeSecurityAttribute]
internal static extern uint LsaOpenPolicy(
LSA_UNICODE_STRING[] SystemName,
ref LSA_OBJECT_ATTRIBUTES ObjectAttributes,
int AccessMask,
out IntPtr PolicyHandle
);
[DllImport(\"advapi32\", CharSet = CharSet.Unicode, SetLastError = true),
SuppressUnmanagedCodeSecurityAttribute]
internal static extern uint LsaAddAccountRights(
LSA_HANDLE PolicyHandle,
IntPtr pSID,
LSA_UNICODE_STRING[] UserRights,
int CountOfRights
);
[DllImport(\"advapi32\", CharSet = CharSet.Unicode, SetLastError = true),
SuppressUnmanagedCodeSecurityAttribute]
internal static extern int LsaLookupNames2(
LSA_HANDLE PolicyHandle,
uint Flags,
uint Count,
LSA_UNICODE_STRING[] Names,
ref IntPtr ReferencedDomains,
ref IntPtr Sids
);
[DllImport(\"advapi32\"«»)]
internal static extern int LsaNtStatusToWinError(int NTSTATUS);
[DllImport(\"advapi32\"«»)]
internal static extern int LsaClose(IntPtr PolicyHandle);
[DllImport(\"advapi32\"«»)]
internal static extern int LsaFreeMemory(IntPtr Buffer);
}
/// <summary>
/// This class is used to grant \"Log on as a service\", \"Log on as a batchjob\", \"Log on localy\" etc.
/// to a user.
/// </summary>
public sealed class LsaWrapper : IDisposable
{
[StructLayout(LayoutKind.Sequential)]
struct LSA_TRUST_INFORMATION
{
internal LSA_UNICODE_STRING Name;
internal IntPtr Sid;
}
[StructLayout(LayoutKind.Sequential)]
struct LSA_TRANSLATED_SID2
{
internal SidNameUse Use;
internal IntPtr Sid;
internal int DomainIndex;
uint Flags;
}
[StructLayout(LayoutKind.Sequential)]
struct LSA_REFERENCED_DOMAIN_LIST
{
internal uint Entries;
internal LSA_TRUST_INFORMATION Domains;
}
enum SidNameUse : int
{
User = 1,
Group = 2,
Domain = 3,
Alias = 4,
KnownGroup = 5,
DeletedAccount = 6,
Invalid = 7,
Unknown = 8,
Computer = 9
}
enum Access : int
{
POLICY_READ = 0x20006,
POLICY_ALL_ACCESS = 0x00F0FFF,
POLICY_EXECUTE = 0X20801,
POLICY_WRITE = 0X207F8
}
const uint STATUS_ACCESS_DENIED = 0xc0000022;
const uint STATUS_INSUFFICIENT_RESOURCES = 0xc000009a;
const uint STATUS_NO_MEMORY = 0xc0000017;
IntPtr lsaHandle;
public LsaWrapper()
: this(null)
{ }
// // local system if systemName is null
public LsaWrapper(string systemName)
{
LSA_OBJECT_ATTRIBUTES lsaAttr;
lsaAttr.RootDirectory = IntPtr.Zero;
lsaAttr.ObjectName = IntPtr.Zero;
lsaAttr.Attributes = 0;
lsaAttr.SecurityDescriptor = IntPtr.Zero;
lsaAttr.SecurityQualityOfService = IntPtr.Zero;
lsaAttr.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES));
lsaHandle = IntPtr.Zero;
LSA_UNICODE_STRING[] system = null;
if (systemName != null)
{
system = new LSA_UNICODE_STRING[1];
system[0] = InitLsaString(systemName);
}
uint ret = Win32Sec.LsaOpenPolicy(system, ref lsaAttr,
(int)Access.POLICY_ALL_ACCESS, out lsaHandle);
if (ret == 0)
return;
if (ret == STATUS_ACCESS_DENIED)
{
throw new UnauthorizedAccessException();
}
if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
{
throw new OutOfMemoryException();
}
throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
}
public void AddPrivileges(string account, string privilege)
{
IntPtr pSid = GetSIDInformation(account);
LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString(privilege);
uint ret = Win32Sec.LsaAddAccountRights(lsaHandle, pSid, privileges, 1);
if (ret == 0)
return;
if (ret == STATUS_ACCESS_DENIED)
{
throw new UnauthorizedAccessException();
}
if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
{
throw new OutOfMemoryException();
}
throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
}
public void Dispose()
{
if (lsaHandle != IntPtr.Zero)
{
Win32Sec.LsaClose(lsaHandle);
lsaHandle = IntPtr.Zero;
}
GC.SuppressFinalize(this);
}
~LsaWrapper()
{
Dispose();
}
// helper functions
IntPtr GetSIDInformation(string account)
{
LSA_UNICODE_STRING[] names = new LSA_UNICODE_STRING[1];
LSA_TRANSLATED_SID2 lts;
IntPtr tsids = IntPtr.Zero;
IntPtr tdom = IntPtr.Zero;
names[0] = InitLsaString(account);
lts.Sid = IntPtr.Zero;
Console.WriteLine(\"String account: {0}\", names[0].Length);
int ret = Win32Sec.LsaLookupNames2(lsaHandle, 0, 1, names, ref tdom, ref tsids);
if (ret != 0)
throw new Win32Exception(Win32Sec.LsaNtStatusToWinError(ret));
lts = (LSA_TRANSLATED_SID2)Marshal.PtrToStructure(tsids,
typeof(LSA_TRANSLATED_SID2));
Win32Sec.LsaFreeMemory(tsids);
Win32Sec.LsaFreeMemory(tdom);
return lts.Sid;
}
static LSA_UNICODE_STRING InitLsaString(string s)
{
// Unicode strings max. 32KB
if (s.Length > 0x7ffe)
throw new ArgumentException(\"String too long\"«»);
LSA_UNICODE_STRING lus = new LSA_UNICODE_STRING();
lus.Buffer = s;
lus.Length = (ushort)(s.Length * sizeof(char));
lus.MaximumLength = (ushort)(lus.Length + sizeof(char));
return lus;
}
}
public class LsaWrapperCaller
{
public static void AddPrivileges(string account, string privilege)
{
using (LsaWrapper lsaWrapper = new LsaWrapper())
{
lsaWrapper.AddPrivileges(account, privilege);
}
}
}
}
'@
#########################################
# #
# Do not edit anything after this point #
# #
#########################################
if ($error) { $error.clear() }
Write-Debug \"Setting Up Global Firewall Rules...\"
Try {
netsh firewall set opmode enable
netsh firewall set service fileandprint enable
}
Catch {
Write-Log -id 1 -Status \"Error\" -Msg \"Glogbal Firewall Configuration Rules\"
}
Write-Log -id 1 -Status \"SuccessAudit\" -Msg \"Glogbal Firewall Configuration Rules\"
Write-Debug \"Starting installation of SQL Server, it might takes few time :«»p\"
Try {
#A Faire, créer des $CMD AS/RS/etc pour chaque switch mis en place !
Add-Type $LSAType -PassThru
#[MyLsaWrapper.LsaWrapperCaller]::AddPrivileges(\"andy\", \"SeServiceLogonRight\"«»)
if ($SQLENGINE) {
Write-Debug \"Setting Up Firewall: Opening TCP $TCPPort for MSDE and UDP 1434 for SQL Browser\"
Try {
netsh firewall add portopening TCP $TCPPort \"SQLServer($instanceName)\" enable subnet | Out-Null
netsh firewall add portopening UDP 1434 \"SQLBrowser($instanceName)\" enable subnet | Out-Null
}
Catch {
Write-Log -id 2 -Status \"Error\" -Msg \"Firewall Configuration Rules for $($InstanceName) & SQLBrowser\"
}
Write-Log -id 2 -Status \"SuccessAudit\" -Msg \"Firewall Configuration Rules for $($InstanceName) & SQLBrowser\"
Write-Debug \"Creating MSDE SystemDB, UserDB, LogDB, BackuupDB and TempDB directories...\"
Try {
$Paths | ? { $_.label -eq \"SQL\" } | % {
$_.path
if ((Test-Path $_.path)) {
Write-Log -id 3 -Status \"Warning\" -Msg \"The path for $($_.Description) already exists.\"
}
else {
New-Item -Path $_.path -itemType \"Directory\" -ErrorAction SilentlyContinue
Write-Log -id 3 -Status \"SuccessAudit\" -Msg \"The path for $($_.Description) is created.\"
if ($_.Description -eq \"SystemDisk\"«») { $SQLPaths = $SQLPaths + ' /INSTALLSHAREDDIR=' + $_.Path }
if ($_.Description -eq \"SystemDBDisk\"«») { $SQLPaths = $SQLPaths + ' /INSTALLSHAREDWOWDIR=' + $_.Path }
if ($_.Description -eq \"BackupDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLBACKUPDIR=' + $_.Path }
if ($_.Description -eq \"UserDataDisk\"«») { $SQLPaths = $SQLPaths + ' /INSTALLSQLDATADIR=' + $_.Path }
if ($_.Description -eq \"UserLogDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLUSERDBLOGDIR=' + $_.Path }
if ($_.Description -eq \"TempDBDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLTEMPDBDIR=' + $_.Path }
if ($_.Description -eq \"TempLogDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLTEMPDBLOGDIR=' + $_.Path }
}
Write-Log -id 3 -Status \"SuccessAudit\" -Msg \"Creation of MSDE $($_.Description) Directories...\"
}
}
Catch {
Write-Log -id 4 -Status \"Error\" -Msg \"Creation of All MSDE Storage Directories...\"
}
Write-Debug \"Create Local Account Services and assignate correct User Rights...\"
$SQLPaths
Foreach ($Label in $SQLAccountLabels) {
Try {
$Account = $Accounts | ? { $_.label -eq $Label }
Create-LocalUser -User $Account.Account -Password $ServicePassword -Description $Account.Description
Try {
$Rights | % { [void][MyLsaWrapper.LsaWrapperCaller]::AddPrivileges(\"$($Account.Account)\", \"$($_)\"«») }
}
Catch {
Write-Log -id x -Status \"Error\" -Msg \"According all needed privileges to $($Account.Account)\"
}
if ($Label -eq \"SQLSVCACCOUNT\"«») {
$SQLAccounts = $SQLAccounts + ' /SQLSVCACCOUNT=' + $Account.Account + ' / SQLSVCPASSWORD=' + $ServicePassword + ' /SQLSVCSTARTUPTYPE=\"Automatic\"'
$SQLAccounts
Write-Debug \"Add SQL Server service account to Administrators group\"
Try {
$Group = [ADSI](\"WinNT://\" + $env:ComputerName + \"/Administrators,Group\"«»)
$Group.Add(\"WinNT://\" + $env:ComputerName + \"/\" + $Account.Account + \",User\"«»)
}
Catch {
Write-Log -id x -Status \"Error\" -Msg \"Add $($Account.Account) to Administrators group.\"
}
Write-Log -id x -Status \"SuccessAudit\" -Msg \"Add $($Account.Account) to Administrators group.\"
Write-Debug \"Set ACL on $UserDataDisk and $BackupDisk for $($Account.Account)\"
Try {
Set-Permission -Path $UserDataDisk -Account $Account.Account
Set-Permission -Path $BackupDisk -Account $Account.Account
}
Catch {
Write-Log -id x -Status \"Error\" -Msg \"Modify ACL on Data Or/And Backup paths\"
}
Write-Log -id x -Status \"SuccessAudit\" -Msg \"Modify ACL on Data Or/And Backup paths\"
}
if ($label -eq \"AGTACCOUNT\"«») { $SQLAccounts = $SQLAccounts + ' /AGTSVCACCOUNT=' + $Accounts.Account + ' /AGTSVCPASSWORD=' + $ServicePassword + ' /AGTSVCSTARTUPTYPE=\"Automatic\"' }
}
Catch {
Write-Log -id 5 -Status \"Error\" -Msg \"Creation of Service account for $($Label)\"
}
Write-Log -id 5 -Status \"SuccessAudit\" -Msg \"Creation of Service account for $($Label)\"
}
$SQLAccounts
$features = $features + 'SQLENGINE,'
$SQLOptions = '/SQLCOLLATION=' + $SQLCollation + ' /SAPWD=' + $SAPassword + ' '
$SQLOptions
}
if ($REPLICATION) {
if (!$SQLENGINE) { Write-Log -id x -Status \"Error\" -Msg \"To Enable Replication in this installation you need to Install SQLENGINE too...\" }
$features = $features + 'REPLICATION,'
}
if ($FT -gt 1) {
if (!$SQLENGINE) { Write-Log -id x -Status \"Error\" -Msg \"To Enable Full Text in this installation you need to Install SQLENGINE too...\" }
if (!$FILESTREAMSHARENAME) { Write-Log -id x -Status \"Error\" -Msg \"Please, specify a Windows share to store file for filestream...\"
$features = $features + 'FULLTEXT, /FILESTREAMSHARENAME=' + $FILESTREAMSHARENAME + ' '
}
if ($IS) {
$features = $features + 'IS,'
$Account = ($Accounts | ? { $_.label -eq \"ISSVCACCOUNT\"} ).Account
$ISServices = '/ISSVCACCOUNT=' + $Account + ' /ISSVC=' + $ServicePassword + ' /ISSVCSTARTUPTYPE=\"Automatic\"'
}
if ($RS) {
Try {
netsh firewall add portopening TCP 80 \"Reporting Services - Http - ($instanceName)\" enable subnet
netsh firewall add portopening TCP 443 \"Reporting Services - Https - ($instanceName)\" enable subnet
}
Catch {
\"Test\"
}
$features = $features + 'RS,'
$RSServices = '/RSINSTALLMODE=' + $RSInstallMode + '/RSSVCACCOUNT=' + ($Accounts | ? { $_.label -eq \"RSSVCACCOUNT\"} ).Account + ' /RSSVCPASSWORD=' + $ServicePassword + ' /RSSVCSTARTUPTYPE=\"Automatic\"'
}
if ($AS) {
Try {
netsh firewall add portopening TCP 2252 \"Analysis Services ($instanceName)\" enable subnet
}
Catch {
\"TEST\"
}
$features = $features + 'AS,'
$CMDAccounts = $CMDAccount + '/'
$CMDPaths = $CMDPaths + '/'
#/ASBACKUPDIR
}
$Options = '/INSTANCEID=' + $InstanceName + ' /INSTANCENAME=' + $InstanceName + '/ACTION=Install /INDICATEPROGRESS=False /QUIET=True QUIETSIMPLE=False /HELP=False /X86=False `
/IAcceptSQLServerLicenseTerms /BROWSERSVCSTARTUPTYPE=\"Automatic\" /PID=' + $PID + ' '
if (!$WindowsAuthent) { $Options = $Options + ' /SECURITYMODE=SQL' }
if ($NamedPipe) { $Options = $Options + ' /NPENABLED=1' }
$Options
$CMDFeatures = \"/FEATURES=REPLICATION,FULLTEXT,AS,RS,BIDS,CONN,IS,BC,SDK,SSMS,ADV_SSMS,SNAC_SDK,OCS\"
$inv = $sourcesdir + \"setup.exe /SAPWD=\" + $SAPassword + \"/ACTION=Install /SQLSYSADMINACCOUNTS=$env:computername\Administrator\"
#\" /CONFIGURATIONFILE=\" + $scriptdir + \"config.ini\"
invoke-expression $inv
}
Catch {
\"TEST\"
}
Write-Debug \"Starting TCP/IP Configuration\"
Try {
Set-ItemProperty $HKML_IPall -name \"TcpPort\" -value \"$TCPPort\"
Set-ItemProperty $HKML_IPall -name \"TcpDynamicPorts\" -value \"\"
}
Catch {
\"TEST\"
}
add-pssnapin sqlserverprovidersnapin100
add-pssnapin sqlservercmdletsnapin100
if ($AutoTune) {
if ($InstanceName -eq \"MSSQLSERVER\"«») { $SQLServer = \".\" }
else { $SQLServer = $env:computername + \"\\" + $InstanceName }
Try {
Create-LogInfo \"Configure TempDB File\" \"START\"
Invoke-Sqlcmd -Query $TempDBmodify -Serverinstance $SQLServer
}
Catch {
\"TEST\"
}
Try {
Create-LogInfo \"Configure TempDB Log File\" \"START\"
Invoke-Sqlcmd -Query $TempLogDBmodify -Serverinstance $SQLServer
}
Catch {
\"TEST\"
}
Try {
Create-LogInfo \"Auto-Configure TempDB\" \"START\"
Invoke-Sqlcmd -Query $TempDBadd -Serverinstance $SQLServer
}
Catch {
\"TEST\"
}
}
}
Catch {
\"NOK\"
}
[/code:1]
D'ailleurs j'ai commencé à bosser la V2, mais vu qu'on travaille toujorus dans l'urgence au taff, ça avance pas vite... mais ça sera beaucoup plus...flexible (dynamique) !
Un premier jet de la prochaine versions de l'installeur...
Si vous avez des idées/commentaires... je suis preneur
(même des critiques hein)Bonne digestion
[code:1]
param(
[Parameter(Mandatory=$true)]
[string]$SAPassword,
[Parameter(Mandatory=$false)]
[Int]$TCPPort = 1433,
[Parameter(Mandatory=$true)]
[String]$ServicePassword,
[Parameter(Mandatory=$true)]
[string]$Serial,
[String]$SourcesLocation = \"C:\Temp\SQL\STD\sources\\",
[String]$ScriptLocation = \"C:\Temp\SQL\STD\scripts\\",
[String]$SystemDisk = \"E:\\",
[String]$SystemDBDisk = \"E:\\",
[String]$UserDataDisk = \"E:\\",
[String]$UserLogDisk = \"E:\\",
[String]$BackupDisk = \"E:\\",
[String]$TempDBDisk = \"E:\\",
[String]$TempLogDisk = \"E:\\",
[String]$ASTempDBDisk = \"E:\\",
[String]$ASDataDisk = \"E:\\",
[String]$ASLogDisk = \"E:\\",
[String]$ASConfigDisk = \"E:\\",
[String]$InstanceName = \"MSSQLSERVER\",
[String]$TempDBSize = \"256MB\",
[String]$TempDBMaxSize = \"512MB\",
[String]$TempDBFileGrowth = \"64MB\",
[String]$SQLCollation = \"French_CI_AS\",
[Switch]$AutoTune,
[Switch]$NamedPipe,
[Switch]$WindowsAuthent,
[Switch]$AS,
[Switch]$RS,
[Switch]$IS,
[Switch]$TOOLS,
[ValidateSet(0,1,2,3)]
[Int]$FT = 0,
[String]$FILESTREAMSHARENAME,
[Switch]$SQLENGINE,
[Switch]$REPLICATION
)
# ~~ Functions declaration
function Write-Log {
param(
[Parameter(Mandatory=$true)]
[Int]$id,
[Parameter(Mandatory=$true)]
[ValidateSet(\"Error\",\"SuccessAudit\",\"Warning\"«»)]
[string]$Status,
[String]$date = (Get-Date),
[String]$logfile = \"C:\log\log.txt\",
[String]$server = $env:computername,
[String]$Source,
[String]$LogName,
[String]$ResourceFile,
[Switch]$Event,
[String]$Msg
)
if ($Event) {
if (!(Get-EventLog -LogName $LogName)) {
if (!(Test-Path $ResourceFile)) {
Write-Error -msg \"The file $($ResourceFile) should be present to create the New Event log\"
return $false
}
New-Eventlog -Source $Source -logname $LogName -CategoryResourceFile $ResourceFile
}
if (Get-EventLog -LogName $LogName) {
Write-EventLog -LogName $LogName -EventID $id -Message $msg -EntryType $Status -Source $Source
}
else {
Write-Error -msg \"The Event log $($LogName) doesn't exist or is not accesible\"
return $false
}
}
echo \"$date $server : $Status : $msg\" >> $logfile
if ($Status -eq \"Error\"«») {
Write-Error -Message \"$CurrentDate $server : $Status : $msg\"
if ($error) {
$error >> $logfile
$error.clear()
}
exit $id
}
elseif ($Status -eq \"Warning\"«») {
Write-Warning -Message \"$CurrentDate $server : $Status : $msg\"
}
else {
Write-Verbose -Message \"$CurrentDate $server : $Status : $msg\"
}
}
function New-ServiceAccount {
param(
[string]$Account,
[string]$Description,
[String]$Label
)
$d = New-Object PSObject
$d.PsObject.TypeNames[0] = \"PSSqlServerServiceAccount\"
$d |
Add-Member -Name account -MemberType NoteProperty -Value $account -pass|
Add-Member -Name Description -MemberType NoteProperty -Value \"Service account $Description\" -pass|
Add-Member -Name Label -MemberType NoteProperty -Value $Label -pass
}
function New-SQLServerPath {
param(
[string]$Path,
[string]$Description,
[String]$Label
)
$d = New-Object PSObject
$d.PsObject.TypeNames[0] = \"PSSqlServerPath\"
$d |
Add-Member -Name Path -MemberType NoteProperty -Value $Path -pass|
Add-Member -Name Description -MemberType NoteProperty -Value $Description -pass|
Add-Member -Name Label -MemberType NoteProperty -Value $label -pass
}
Function Create-LocalUser {
param(
[string]$user,
[string]$password,
[string]$Description
)
Write-Debug \"Creating User: $user\"
$objOu = [ADSI]\"WinNT://localhost\"
$objUser = $objOU.Create(\"User\", $user)
$objUser.setpassword($password)
$objUser.Setinfo()
$objUser.PasswordChangeable=0
$objUser.PasswordExpires=0
$objUser.description = \"$Description\"
$objUser.psbase.commitchanges()
}
function New-SQLService {
param(
[string]$name,
[string]$shortname,
[string]$startup
)
$d = New-Object PSObject
$d.PsObject.TypeNames[0] = \"PSSqlServerPath\"
$d |
Add-Member -Name name -MemberType NoteProperty -Value $name -pass|
Add-Member -Name shortname -MemberType NoteProperty -Value $shortname -pass|
Add-Member -Name startup -MemberType NoteProperty -Value $startup -pass
}
function Set-Permission {
param (
[String]$path,
[String]$Account
)
$ACLPath = Get-Acl $path
$SQLPermission = \"$Account\",\"FullControl\",\"Allow\"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $SQLPermission
$ACLPath.SetAccessRule($AccessRule)
$ACLPath | Set-Acl $path
}
# ~~ Create Custom Objects for convenience...
$Accounts = @(
New-ServiceAccount -Account \"svc_sqls\" -Description \"SQL Server\" -label \"SQLSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqla\" -Description \"SQL Server Agent\" -label \"AGTSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlb\" -Description \"SQL Server Browser\" -label \"\";
New-ServiceAccount -Account \"svc_sqli\" -Description \"SQL Server Integration service\" -label \"ISSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlas\" -Description \"SQL Server Analysis service\" -label \"ASSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlrs\" -Description \"SQL Server Reporting Service\" -label \"RSSVCACCOUNT\";
New-ServiceAccount -Account \"svc_sqlft\" -Description \"SQL Server Full Text Search\" -label \"FTSVCACCOUNT\";
)
$Paths = @(
New-SQLServerPath -Path $SystemDisk'system_db' -Description \"SystemDisk\" -label \"SQL\";
New-SQLServerPath -Path $SystemDBDisk'system_db_x86' -Description \"SystemDBDisk\" -label \"SQL\";
New-SQLServerPath -Path $ASDataDisk'AS_data' -Description \"ASDataDisk\" -label \"AS\";
New-SQLServerPath -Path $ASLogDisk'AS_log_db' -Description \"ASLogDisk\" -label \"AS\";
New-SQLServerPath -Path $BackupDisk'backup_db' -Description \"BackupDisk\" -label \"SQL\";
New-SQLServerPath -Path $ASTempDBDisk'AS_temp' -Description \"ASTempDBDisk\" -label \"AS\";
New-SQLServerPath -Path $ASConfigDisk'config_db' -Description \"ASConfigDisk\" -label \"AS\";
New-SQLServerPath -Path $UserDataDisk'user_db' -Description \"UserDataDisk\" -label \"SQL\";
New-SQLServerPath -Path $UserLogDisk'log_db' -Description \"UserLogDisk\" -label \"SQL\";
New-SQLServerPath -Path $TempDBDisk'temp_db' -Description \"TempDBDisk\" -label \"SQL\";
New-SQLServerPath -Path $TempLogDisk'temp_log_db' -Description \"TempLogDisk\" -label \"SQL\";
)
$Services = @(
New-SQLService -name \"SQL Server (\" + $InstanceName + \"«»)\" -shortname \"MSSQLSERVER\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Agent (\" + $InstanceName + \"«»)\" -shortname \"SQLSERVERAGENT\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Browser\" -shortname \"SQLBrowser\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Integration Services 10.0\" -shortname \"MsDtsServer100\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Analysis Services (\" + $InstanceName + \"«»)\" -shortname \"MSSQLServerOLAPService\" -startup \"Automatic\";
New-SQLService -name \"SQL Server Reporting Services (\" + $InstanceName + \"«»)\" -shortname \"ReportServer\" -startup \"Automatic\";
New-SQLService -name \"SQL Full-text Filter Daemon Launcher (\" + $InstanceName + \"«»)\" -shortname \"MSSQLFDLauncher\" -startup \"Automatic\";
)
# ~~ Static variables
$SQLAccountLabels = @('SQLSVCACCOUNT','AGTSVCACCOUNT')
$SQLDiskLabels = @('SystemDisk','SystemDBDisk','BackupDisk','UserDataDisk','UserLogDisk','TempDBDisk','TempLogDisk')
$Rights = @(\"SeTcbPrivilege\",\"SeIncreaseQuotaPrivilege\",\"SeCreateTokenPrivilege\",
\"SeImpersonatePrivilege\",\"SeBatchLogonRight\",\"SeServiceLogonRight\",
\"SeAssignPrimaryTokenPrivilege\",\"SeManageVolumeNamePrivilege\",\"SeLockMemoryPrivilege\",\"SeChangeNotifyPrivilege\"«»)
$HKML_IPall = \"HKLM:\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10_50.\" + $InstanceName + \"\MSSQLServer\SuperSocketNetLib\Tcp\IPAll\"
$QueryMaxMemory = \"EXEC sp_configure 'show advanced options', '1'
RECONFIGURE WITH OVERRIDE
EXEC sp_configure 'min server memory', '0'
EXEC sp_configure 'max server memory', ' + CAST(@Memory AS nvarchar) + '
RECONFIGURE WITH OVERRIDE
EXEC sp_configure 'show advanced options', '0'
RECONFIGURE WITH OVERRIDE\"
$QueryMaxMeroySetted = \"select value FROM sys.configurations where Name = 'max server memory (MB«»)'\"
$TempDBadd = \"USE [master]
GO
DECLARE @cpu_count int,
@file_count int,
@logical_name sysname,
@file_name nvarchar(520),
@physical_name nvarchar(520),
@size int,
@max_size int,
@growth int,
@alter_command nvarchar(max)
SELECT @physical_name = physical_name,
@size = size / 128,
@max_size = max_size / 128,
@growth = growth / 128
FROM tempdb.sys.database_files
WHERE name = 'tempdev'
SELECT @file_count = COUNT(*)
FROM tempdb.sys.database_files
WHERE type_desc = 'ROWS'
SELECT @cpu_count = cpu_count
FROM sys.dm_os_sys_info
WHILE @file_count < @cpu_count -- Add * 0.25 here to add 1 file for every 4 cpus, * .5 for every 2 etc.
BEGIN
SELECT @logical_name = 'tempdev' + CAST(@file_count AS nvarchar)
SELECT @file_name = REPLACE(@physical_name, 'tempdb.mdf', @logical_name + '.ndf')
SELECT @alter_command = 'ALTER DATABASE [tempdb] ADD FILE ( NAME =N''' + @logical_name + ''', `
FILENAME =N''' + @file_name + ''', SIZE = ' + CAST(@size AS nvarchar) + 'MB, MAXSIZE = ' + `
CAST(@max_size AS nvarchar) + 'MB, FILEGROWTH = ' + CAST(@growth AS nvarchar) + 'MB )'
PRINT @alter_command
EXEC sp_executesql @alter_command
SELECT @file_count = @file_count + 1
END\"
$TempDBmodify = \"ALTER DATABASE tempdb MODIFY FILE ( NAME = N'tempdev', SIZE = \" + $TempDBSize + \", MAXSIZE = \" + $TempDBMaxSize + \", FILEGROWTH = \" + $TempDBFileGrowth + \" )\"
$TempLogDBmodify = \"ALTER DATABASE tempdb MODIFY FILE ( NAME = N'templog', SIZE = \" + $TempDBSize + \", MAXSIZE = \" + $TempDBMaxSize + \", FILEGROWTH = \" + $TempDBFileGrowth + \" )\"
$CountTempDBFiles = \"SELECT COUNT(*) as numcpu FROM tempdb.sys.database_files where type_desc = 'ROWS'\"
$CpuCount = \"SELECT cpu_count FROM sys.dm_os_sys_info\"
$LSAType = @'
using System;
using System.Collections.Generic;
using System.Text;
namespace MyLsaWrapper
{
using System.Runtime.InteropServices;
using System.Security;
using System.Management;
using System.Runtime.CompilerServices;
using System.ComponentModel;
using LSA_HANDLE = IntPtr;
[StructLayout(LayoutKind.Sequential)]
struct LSA_OBJECT_ATTRIBUTES
{
internal int Length;
internal IntPtr RootDirectory;
internal IntPtr ObjectName;
internal int Attributes;
internal IntPtr SecurityDescriptor;
internal IntPtr SecurityQualityOfService;
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
struct LSA_UNICODE_STRING
{
internal ushort Length;
internal ushort MaximumLength;
[MarshalAs(UnmanagedType.LPWStr)]
internal string Buffer;
}
sealed class Win32Sec
{
[DllImport(\"advapi32\", CharSet = CharSet.Unicode, SetLastError = true),
SuppressUnmanagedCodeSecurityAttribute]
internal static extern uint LsaOpenPolicy(
LSA_UNICODE_STRING[] SystemName,
ref LSA_OBJECT_ATTRIBUTES ObjectAttributes,
int AccessMask,
out IntPtr PolicyHandle
);
[DllImport(\"advapi32\", CharSet = CharSet.Unicode, SetLastError = true),
SuppressUnmanagedCodeSecurityAttribute]
internal static extern uint LsaAddAccountRights(
LSA_HANDLE PolicyHandle,
IntPtr pSID,
LSA_UNICODE_STRING[] UserRights,
int CountOfRights
);
[DllImport(\"advapi32\", CharSet = CharSet.Unicode, SetLastError = true),
SuppressUnmanagedCodeSecurityAttribute]
internal static extern int LsaLookupNames2(
LSA_HANDLE PolicyHandle,
uint Flags,
uint Count,
LSA_UNICODE_STRING[] Names,
ref IntPtr ReferencedDomains,
ref IntPtr Sids
);
[DllImport(\"advapi32\"«»)]
internal static extern int LsaNtStatusToWinError(int NTSTATUS);
[DllImport(\"advapi32\"«»)]
internal static extern int LsaClose(IntPtr PolicyHandle);
[DllImport(\"advapi32\"«»)]
internal static extern int LsaFreeMemory(IntPtr Buffer);
}
/// <summary>
/// This class is used to grant \"Log on as a service\", \"Log on as a batchjob\", \"Log on localy\" etc.
/// to a user.
/// </summary>
public sealed class LsaWrapper : IDisposable
{
[StructLayout(LayoutKind.Sequential)]
struct LSA_TRUST_INFORMATION
{
internal LSA_UNICODE_STRING Name;
internal IntPtr Sid;
}
[StructLayout(LayoutKind.Sequential)]
struct LSA_TRANSLATED_SID2
{
internal SidNameUse Use;
internal IntPtr Sid;
internal int DomainIndex;
uint Flags;
}
[StructLayout(LayoutKind.Sequential)]
struct LSA_REFERENCED_DOMAIN_LIST
{
internal uint Entries;
internal LSA_TRUST_INFORMATION Domains;
}
enum SidNameUse : int
{
User = 1,
Group = 2,
Domain = 3,
Alias = 4,
KnownGroup = 5,
DeletedAccount = 6,
Invalid = 7,
Unknown = 8,
Computer = 9
}
enum Access : int
{
POLICY_READ = 0x20006,
POLICY_ALL_ACCESS = 0x00F0FFF,
POLICY_EXECUTE = 0X20801,
POLICY_WRITE = 0X207F8
}
const uint STATUS_ACCESS_DENIED = 0xc0000022;
const uint STATUS_INSUFFICIENT_RESOURCES = 0xc000009a;
const uint STATUS_NO_MEMORY = 0xc0000017;
IntPtr lsaHandle;
public LsaWrapper()
: this(null)
{ }
// // local system if systemName is null
public LsaWrapper(string systemName)
{
LSA_OBJECT_ATTRIBUTES lsaAttr;
lsaAttr.RootDirectory = IntPtr.Zero;
lsaAttr.ObjectName = IntPtr.Zero;
lsaAttr.Attributes = 0;
lsaAttr.SecurityDescriptor = IntPtr.Zero;
lsaAttr.SecurityQualityOfService = IntPtr.Zero;
lsaAttr.Length = Marshal.SizeOf(typeof(LSA_OBJECT_ATTRIBUTES));
lsaHandle = IntPtr.Zero;
LSA_UNICODE_STRING[] system = null;
if (systemName != null)
{
system = new LSA_UNICODE_STRING[1];
system[0] = InitLsaString(systemName);
}
uint ret = Win32Sec.LsaOpenPolicy(system, ref lsaAttr,
(int)Access.POLICY_ALL_ACCESS, out lsaHandle);
if (ret == 0)
return;
if (ret == STATUS_ACCESS_DENIED)
{
throw new UnauthorizedAccessException();
}
if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
{
throw new OutOfMemoryException();
}
throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
}
public void AddPrivileges(string account, string privilege)
{
IntPtr pSid = GetSIDInformation(account);
LSA_UNICODE_STRING[] privileges = new LSA_UNICODE_STRING[1];
privileges[0] = InitLsaString(privilege);
uint ret = Win32Sec.LsaAddAccountRights(lsaHandle, pSid, privileges, 1);
if (ret == 0)
return;
if (ret == STATUS_ACCESS_DENIED)
{
throw new UnauthorizedAccessException();
}
if ((ret == STATUS_INSUFFICIENT_RESOURCES) || (ret == STATUS_NO_MEMORY))
{
throw new OutOfMemoryException();
}
throw new Win32Exception(Win32Sec.LsaNtStatusToWinError((int)ret));
}
public void Dispose()
{
if (lsaHandle != IntPtr.Zero)
{
Win32Sec.LsaClose(lsaHandle);
lsaHandle = IntPtr.Zero;
}
GC.SuppressFinalize(this);
}
~LsaWrapper()
{
Dispose();
}
// helper functions
IntPtr GetSIDInformation(string account)
{
LSA_UNICODE_STRING[] names = new LSA_UNICODE_STRING[1];
LSA_TRANSLATED_SID2 lts;
IntPtr tsids = IntPtr.Zero;
IntPtr tdom = IntPtr.Zero;
names[0] = InitLsaString(account);
lts.Sid = IntPtr.Zero;
Console.WriteLine(\"String account: {0}\", names[0].Length);
int ret = Win32Sec.LsaLookupNames2(lsaHandle, 0, 1, names, ref tdom, ref tsids);
if (ret != 0)
throw new Win32Exception(Win32Sec.LsaNtStatusToWinError(ret));
lts = (LSA_TRANSLATED_SID2)Marshal.PtrToStructure(tsids,
typeof(LSA_TRANSLATED_SID2));
Win32Sec.LsaFreeMemory(tsids);
Win32Sec.LsaFreeMemory(tdom);
return lts.Sid;
}
static LSA_UNICODE_STRING InitLsaString(string s)
{
// Unicode strings max. 32KB
if (s.Length > 0x7ffe)
throw new ArgumentException(\"String too long\"«»);
LSA_UNICODE_STRING lus = new LSA_UNICODE_STRING();
lus.Buffer = s;
lus.Length = (ushort)(s.Length * sizeof(char));
lus.MaximumLength = (ushort)(lus.Length + sizeof(char));
return lus;
}
}
public class LsaWrapperCaller
{
public static void AddPrivileges(string account, string privilege)
{
using (LsaWrapper lsaWrapper = new LsaWrapper())
{
lsaWrapper.AddPrivileges(account, privilege);
}
}
}
}
'@
#########################################
# #
# Do not edit anything after this point #
# #
#########################################
if ($error) { $error.clear() }
Write-Debug \"Setting Up Global Firewall Rules...\"
Try {
netsh firewall set opmode enable
netsh firewall set service fileandprint enable
}
Catch {
Write-Log -id 1 -Status \"Error\" -Msg \"Glogbal Firewall Configuration Rules\"
}
Write-Log -id 1 -Status \"SuccessAudit\" -Msg \"Glogbal Firewall Configuration Rules\"
Write-Debug \"Starting installation of SQL Server, it might takes few time :«»p\"
Try {
#A Faire, créer des $CMD AS/RS/etc pour chaque switch mis en place !
Add-Type $LSAType -PassThru
#[MyLsaWrapper.LsaWrapperCaller]::AddPrivileges(\"andy\", \"SeServiceLogonRight\"«»)
if ($SQLENGINE) {
Write-Debug \"Setting Up Firewall: Opening TCP $TCPPort for MSDE and UDP 1434 for SQL Browser\"
Try {
netsh firewall add portopening TCP $TCPPort \"SQLServer($instanceName)\" enable subnet | Out-Null
netsh firewall add portopening UDP 1434 \"SQLBrowser($instanceName)\" enable subnet | Out-Null
}
Catch {
Write-Log -id 2 -Status \"Error\" -Msg \"Firewall Configuration Rules for $($InstanceName) & SQLBrowser\"
}
Write-Log -id 2 -Status \"SuccessAudit\" -Msg \"Firewall Configuration Rules for $($InstanceName) & SQLBrowser\"
Write-Debug \"Creating MSDE SystemDB, UserDB, LogDB, BackuupDB and TempDB directories...\"
Try {
$Paths | ? { $_.label -eq \"SQL\" } | % {
$_.path
if ((Test-Path $_.path)) {
Write-Log -id 3 -Status \"Warning\" -Msg \"The path for $($_.Description) already exists.\"
}
else {
New-Item -Path $_.path -itemType \"Directory\" -ErrorAction SilentlyContinue
Write-Log -id 3 -Status \"SuccessAudit\" -Msg \"The path for $($_.Description) is created.\"
if ($_.Description -eq \"SystemDisk\"«») { $SQLPaths = $SQLPaths + ' /INSTALLSHAREDDIR=' + $_.Path }
if ($_.Description -eq \"SystemDBDisk\"«») { $SQLPaths = $SQLPaths + ' /INSTALLSHAREDWOWDIR=' + $_.Path }
if ($_.Description -eq \"BackupDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLBACKUPDIR=' + $_.Path }
if ($_.Description -eq \"UserDataDisk\"«») { $SQLPaths = $SQLPaths + ' /INSTALLSQLDATADIR=' + $_.Path }
if ($_.Description -eq \"UserLogDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLUSERDBLOGDIR=' + $_.Path }
if ($_.Description -eq \"TempDBDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLTEMPDBDIR=' + $_.Path }
if ($_.Description -eq \"TempLogDisk\"«») { $SQLPaths = $SQLPaths + ' /SQLTEMPDBLOGDIR=' + $_.Path }
}
Write-Log -id 3 -Status \"SuccessAudit\" -Msg \"Creation of MSDE $($_.Description) Directories...\"
}
}
Catch {
Write-Log -id 4 -Status \"Error\" -Msg \"Creation of All MSDE Storage Directories...\"
}
Write-Debug \"Create Local Account Services and assignate correct User Rights...\"
$SQLPaths
Foreach ($Label in $SQLAccountLabels) {
Try {
$Account = $Accounts | ? { $_.label -eq $Label }
Create-LocalUser -User $Account.Account -Password $ServicePassword -Description $Account.Description
Try {
$Rights | % { [void][MyLsaWrapper.LsaWrapperCaller]::AddPrivileges(\"$($Account.Account)\", \"$($_)\"«») }
}
Catch {
Write-Log -id x -Status \"Error\" -Msg \"According all needed privileges to $($Account.Account)\"
}
if ($Label -eq \"SQLSVCACCOUNT\"«») {
$SQLAccounts = $SQLAccounts + ' /SQLSVCACCOUNT=' + $Account.Account + ' / SQLSVCPASSWORD=' + $ServicePassword + ' /SQLSVCSTARTUPTYPE=\"Automatic\"'
$SQLAccounts
Write-Debug \"Add SQL Server service account to Administrators group\"
Try {
$Group = [ADSI](\"WinNT://\" + $env:ComputerName + \"/Administrators,Group\"«»)
$Group.Add(\"WinNT://\" + $env:ComputerName + \"/\" + $Account.Account + \",User\"«»)
}
Catch {
Write-Log -id x -Status \"Error\" -Msg \"Add $($Account.Account) to Administrators group.\"
}
Write-Log -id x -Status \"SuccessAudit\" -Msg \"Add $($Account.Account) to Administrators group.\"
Write-Debug \"Set ACL on $UserDataDisk and $BackupDisk for $($Account.Account)\"
Try {
Set-Permission -Path $UserDataDisk -Account $Account.Account
Set-Permission -Path $BackupDisk -Account $Account.Account
}
Catch {
Write-Log -id x -Status \"Error\" -Msg \"Modify ACL on Data Or/And Backup paths\"
}
Write-Log -id x -Status \"SuccessAudit\" -Msg \"Modify ACL on Data Or/And Backup paths\"
}
if ($label -eq \"AGTACCOUNT\"«») { $SQLAccounts = $SQLAccounts + ' /AGTSVCACCOUNT=' + $Accounts.Account + ' /AGTSVCPASSWORD=' + $ServicePassword + ' /AGTSVCSTARTUPTYPE=\"Automatic\"' }
}
Catch {
Write-Log -id 5 -Status \"Error\" -Msg \"Creation of Service account for $($Label)\"
}
Write-Log -id 5 -Status \"SuccessAudit\" -Msg \"Creation of Service account for $($Label)\"
}
$SQLAccounts
$features = $features + 'SQLENGINE,'
$SQLOptions = '/SQLCOLLATION=' + $SQLCollation + ' /SAPWD=' + $SAPassword + ' '
$SQLOptions
}
if ($REPLICATION) {
if (!$SQLENGINE) { Write-Log -id x -Status \"Error\" -Msg \"To Enable Replication in this installation you need to Install SQLENGINE too...\" }
$features = $features + 'REPLICATION,'
}
if ($FT -gt 1) {
if (!$SQLENGINE) { Write-Log -id x -Status \"Error\" -Msg \"To Enable Full Text in this installation you need to Install SQLENGINE too...\" }
if (!$FILESTREAMSHARENAME) { Write-Log -id x -Status \"Error\" -Msg \"Please, specify a Windows share to store file for filestream...\"
$features = $features + 'FULLTEXT, /FILESTREAMSHARENAME=' + $FILESTREAMSHARENAME + ' '
}
if ($IS) {
$features = $features + 'IS,'
$Account = ($Accounts | ? { $_.label -eq \"ISSVCACCOUNT\"} ).Account
$ISServices = '/ISSVCACCOUNT=' + $Account + ' /ISSVC=' + $ServicePassword + ' /ISSVCSTARTUPTYPE=\"Automatic\"'
}
if ($RS) {
Try {
netsh firewall add portopening TCP 80 \"Reporting Services - Http - ($instanceName)\" enable subnet
netsh firewall add portopening TCP 443 \"Reporting Services - Https - ($instanceName)\" enable subnet
}
Catch {
\"Test\"
}
$features = $features + 'RS,'
$RSServices = '/RSINSTALLMODE=' + $RSInstallMode + '/RSSVCACCOUNT=' + ($Accounts | ? { $_.label -eq \"RSSVCACCOUNT\"} ).Account + ' /RSSVCPASSWORD=' + $ServicePassword + ' /RSSVCSTARTUPTYPE=\"Automatic\"'
}
if ($AS) {
Try {
netsh firewall add portopening TCP 2252 \"Analysis Services ($instanceName)\" enable subnet
}
Catch {
\"TEST\"
}
$features = $features + 'AS,'
$CMDAccounts = $CMDAccount + '/'
$CMDPaths = $CMDPaths + '/'
#/ASBACKUPDIR
}
$Options = '/INSTANCEID=' + $InstanceName + ' /INSTANCENAME=' + $InstanceName + '/ACTION=Install /INDICATEPROGRESS=False /QUIET=True QUIETSIMPLE=False /HELP=False /X86=False `
/IAcceptSQLServerLicenseTerms /BROWSERSVCSTARTUPTYPE=\"Automatic\" /PID=' + $PID + ' '
if (!$WindowsAuthent) { $Options = $Options + ' /SECURITYMODE=SQL' }
if ($NamedPipe) { $Options = $Options + ' /NPENABLED=1' }
$Options
$CMDFeatures = \"/FEATURES=REPLICATION,FULLTEXT,AS,RS,BIDS,CONN,IS,BC,SDK,SSMS,ADV_SSMS,SNAC_SDK,OCS\"
$inv = $sourcesdir + \"setup.exe /SAPWD=\" + $SAPassword + \"/ACTION=Install /SQLSYSADMINACCOUNTS=$env:computername\Administrator\"
#\" /CONFIGURATIONFILE=\" + $scriptdir + \"config.ini\"
invoke-expression $inv
}
Catch {
\"TEST\"
}
Write-Debug \"Starting TCP/IP Configuration\"
Try {
Set-ItemProperty $HKML_IPall -name \"TcpPort\" -value \"$TCPPort\"
Set-ItemProperty $HKML_IPall -name \"TcpDynamicPorts\" -value \"\"
}
Catch {
\"TEST\"
}
add-pssnapin sqlserverprovidersnapin100
add-pssnapin sqlservercmdletsnapin100
if ($AutoTune) {
if ($InstanceName -eq \"MSSQLSERVER\"«») { $SQLServer = \".\" }
else { $SQLServer = $env:computername + \"\\" + $InstanceName }
Try {
Create-LogInfo \"Configure TempDB File\" \"START\"
Invoke-Sqlcmd -Query $TempDBmodify -Serverinstance $SQLServer
}
Catch {
\"TEST\"
}
Try {
Create-LogInfo \"Configure TempDB Log File\" \"START\"
Invoke-Sqlcmd -Query $TempLogDBmodify -Serverinstance $SQLServer
}
Catch {
\"TEST\"
}
Try {
Create-LogInfo \"Auto-Configure TempDB\" \"START\"
Invoke-Sqlcmd -Query $TempDBadd -Serverinstance $SQLServer
}
Catch {
\"TEST\"
}
}
}
Catch {
\"NOK\"
}
[/code:1]
Connexion ou Créer un compte pour participer à la conversation.
Temps de génération de la page : 0.091 secondes
- Vous êtes ici :
-
Accueil
-
forum
-
PowerShell
-
Contributions à la communauté
- Installation SQL Server 2008R2