Remote management of virtual machines on Windows Azure via PowerShell

Connecting a virtual machine on Windows Azure is certainly not a difficult task especially if you connect the Windows operating system simply by clicking on the Remote Desktop Rdpwindows Azure virtual opportunity to help you automatically create the profile of the remote connection RDP you can experience the convenience of the public cloud. Because the virtual machine external connections are connected through port mappings. Of course, based on the regional network, the newly created virtual network in azure.cn is already a regional network. Of course you can still create an affinity group-based virtual network although it is not recommended to create a virtual machine instance-level public IP address so you can also skip through the "cloud service" Port-mapped RDP and connects directly to the 3389 port of the virtual machine public IP. All right, that's all. Remote Desktop for remote virtual machine management If you need to manage virtual machines in bulk, what is the way to do this? Automated cloud services for the automation as a service are already available on Microsoft Azure, which operates globally Manage Virtual machine services in batch time with PowerShell workflow run manual It certainly sounds cool, but at the moment, the domestic automation service has to wait.

But what if we want to batch manage virtual machines on a domestic azure public cloud with PowerShell scripts? Here's a demo of my script to share with you.

First download and install the latest Azure Powershell Note This script is just in Powershell 4.0 Environmental testing When you automate provision deployment through Windows Server virtual machines created in Azure, the background automatically helps enable PowerShell HTTPS-based winrm access with a certificate that is the "cloud service FQDN" Certificate This can be verified in the Azure Management Portal Cloud Service certificate in the following ways

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/61/wKioL1SAn8-DBQv1AACunwXiSiE456.jpg "/>

PowerShell that comes to azure virtual machine to view the configuration is enabled for HTTPS-based access and the thumbprint that is configured to access the certificate is the certificate thumbprint of the cloud service configuration so you want to access windows in the cloud remotely through PowerShell The server virtual machine needs to be re-accessed by the client to install the appropriate certificate file to the local list of trusted certificates currentuser\my The following script installs the certificate to that location of the remote administration client.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/63/wKiom1SAn0Hx3mfrAAEbsVGusmw630.jpg "/>

(* Note * Here the script does not do the virtual machine operating system judgment under "cloud service" because all virtual machines in the demo environment are Windows Server R2 virtual machines.) )

The demo script remote execution script Invoke-command in Scriptblock is primarily used to add the Configure User experience service to Azure virtual machines, which can be modified as needed, and also if an interactive environment is required enter-pssession URI management for connecting virtual machines to URIs.

You need to specify the parameter subscription name in the actual demo cloud service name remote-configazvm.ps-subscriptionname "subscription name"-servicename "Cloud service Name"

Param (    [parameter (mandatory= $false, position=0)]    [string]$ Subscriptionname,    [parameter (mandatory= $false)]    [string]$ Servicename,     [parameter (mandatory= $false)]    [string] $Path  =  (get-location))   # Elevate to adminWrite-Host  "Checking for  elevation...  " -NoNewline$CurrentUser = New-Object  security.principal.windowsprincipal $ ([Security.principal.windowsidentity]::getcurrent ()) if  (($ Currentuser.isinrole ([security.principal.windowsbuiltinrole]::administrator))  -eq$false)  {      $ArgumentList =  "-noprofile-noexit -file " "{0} '"  -Path  "$Path" "     if ($DeploymentOnly)  {$ArgumentList  =  $ArgumentList  + " - Deploymentonly "}    write-host" elevating "  &nBsp; start-processpowershell.exe -verbrunas -argumentlist ($ArgumentList  -f ($myinvocation. mycommand.definition))     exit}  select-azuresubscription -subscriptionname   $SubscriptionName  -Current$Validate =  $true  # Check Current PS  versionif  ($PSVersionTable. psversion.major -lt 4)  {Write-Error  "Only supports  powershell version 4 or higher! "; $Validate  = $false}  if  ($Validate) {function install-winrmcertificate ($ServiceName,   $VMName) {     $vm = get-azurevm-servicename  $ServiceName-name  $VMName      $winRmCertificateThumbprint =  $VM. Vm. defaultwinrmcertificatethumbprint         $winRmCertificate =  get-azurecertificate-servicename  $ServiceName '         -thumbprint $winRmCertificatethumbprint -thumbprintalgorithm sha1        $ Installedcert= get-item cert:\currentuser\my\ $winRmCertificateThumbprint-erroraction  Silentlycontinue        if ($installedCert  -eq$null)      {         $certBytes = [system.convert]:: FromBase64String ($winRmCertificate. Data)          $x 509cert=  new-objectsystem.security.cryptography.x509certificates.x509certificate          $x 509cert.import ($certBytes)                   $store = new-objectsystem.security.cryptography.x509certificates.x509store " Root "," LocalMachine "         $store. Open ("ReadWrite")          $store. ADD ($x 509Cert)          $store. Close ()     }}  $VMnames  =  (get-azurevm -servicename  $ServiceName). hostnameforeach  ($VMname  in  $VMnames)     {     install-winrmcertificate-servicename  $ServiceName-vmname  $VMname      $VMwinRmUri =  Get-AzureWinRMUri-ServiceName  $ServiceName-name  $VMname      $credential =  Get-Credential     Start-Job-ScriptBlock{             Invoke-Command-URI  $VMwinRmUri-credential $ credential-scriptblock {                     install-windowsfeature -namedesktop-experience - includeallsubfeature -restart-force}}     }}

Remote management of virtual machines on Windows Azure via PowerShell