I recently had to deploy some new VMs and wanted to use PowerShell to create them, join them to a domain and enable the anti-malware extension. Below is the PowerShell I used. You would need to modify the variables below to match your own domains.
```powershell
$Region = "EastUS"
$VNetName = "savilltech-vnet-east"
$VNetRG = "savilltech-vnets_rg"
$VNetSubnetName = "savilltech-vnet-east-savhybridinfra-vms"
$VNetSubnetCIDR = "10.244.3.64/26"
$NSGName = "savNSGLockdownEastUS"
$VMRG = "savilltech-savhybridinfra_rg"
$SQLVMName = "AZUUSESQL01"
$SQLVMSize = "Standard_DS3_v2" #4vcpu 16GB memory
$SQLVMIP = "10.244.3.68"
$VMDiagName = "savhybridinfradiag"

#Domain Join Strings
$string1 = '{
    "Name": "savilltech.net",
    "User": "savilltech.net\adminname",
    "OUPath": "OU=Servers,OU=Hybrid,OU=Environments,DC=savilltech,DC=net",
    "Restart": "true",
    "Options": "3"
}'
$string2 = '{ "Password": "rawpasswordhere" }'

#Get the network subnet
$NSG = Get-AzureRmNetworkSecurityGroup -Name $NSGName -ResourceGroupName $VNetRG
$VNet = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $VNetRG
$VNetSubnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $VNetSubnetName -VirtualNetwork $VNet

#Local Credential
$user = "localadmin"
$password = 'localadminpasshere'
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ($user, $securePassword)

# Antimalware extension
$SettingsString = '{ "AntimalwareEnabled": true,"RealtimeProtectionEnabled": true}';
$allVersions= (Get-AzureRmVMExtensionImage -Location $Region -PublisherName "Microsoft.Azure.Security" -Type "IaaSAntimalware").Version
$typeHandlerVer = $allVersions[($allVersions.count)-1]
$typeHandlerVerMjandMn = $typeHandlerVer.split(".")
$typeHandlerVerMjandMn = $typeHandlerVerMjandMn[0] + "." + $typeHandlerVerMjandMn[1]

#Create the resource group
New-AzureRmResourceGroup -Name $VMRG -Location $Region

#Create the diagnostics storage account
New-AzureRmStorageAccount -ResourceGroupName $VMRG -Name $VMDiagName -SkuName Standard_LRS -Location $Region

# Create VM Object
$vm = New-AzureRmVMConfig -VMName $SQLVMName -VMSize $SQLVMSize
$nic = New-AzureRmNetworkInterface -Name ('nic-' + $SQLVMName) -ResourceGroupName $VMRG -Location $Region `
    -SubnetId $VNetSubnet.Id -PrivateIpAddress $SQLVMIP

# Add NIC to VM
$vm = Add-AzureRmVMNetworkInterface -VM $vm -Id $nic.Id

# VM Storage
$vm = Set-AzureRmVMSourceImage -VM $vm -PublisherName MicrosoftWindowsServer -Offer WindowsServer `
    -Skus 2016-Datacenter -Version latest
$vm = Set-AzureRmVMOSDisk -VM $vm -StorageAccountType PremiumLRS -DiskSizeInGB 512 `
    -CreateOption FromImage -Caching ReadWrite -Name "$SQLVMName-OS"
$vm = Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $SQLVMName `
    -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$diskConfig = New-AzureRmDiskConfig -AccountType PremiumLRS -Location $Region -CreateOption Empty `
    -DiskSizeGB 2048
$dataDisk1 = New-AzureRmDisk -DiskName "$SQLVMName-data1" -Disk $diskConfig -ResourceGroupName $VMRG
$vm = Add-AzureRmVMDataDisk -VM $vm -Name "$SQLVMName-data1" -CreateOption Attach `
    -ManagedDiskId $dataDisk1.Id -Lun 1
$vm = Set-AzureRmVMBootDiagnostics -VM $vm -Enable -ResourceGroupName $VMRG -StorageAccountName $VMDiagName

# Create Virtual Machine
New-AzureRmVM -ResourceGroupName $VMRG -Location $Region -VM $vm

Set-AzureRmVMExtension -ResourceGroupName $VMRG -VMName $SQLVMName -Name "IaaSAntimalware" `
    -Publisher "Microsoft.Azure.Security" -ExtensionType "IaaSAntimalware" `
    -TypeHandlerVersion $typeHandlerVerMjandMn -SettingString $SettingsString -Location $Region

Set-AzureRmVMExtension -ResourceGroupName $VMRG -VMName $SQLVMName -ExtensionType "JsonADDomainExtension" `
    -Name "joindomain" -Publisher "Microsoft.Compute" -TypeHandlerVersion "1.0" -Location $Region `
    -SettingString $string1 -ProtectedSettingString $string2
```
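
The script above carries the local administrator and domain join passwords as string literals, so anyone who can read the file (or its source-control history) gets both accounts. The following is an added example, not part of the original post: it builds the same `$cred`, `$string1` and `$string2` values from interactive prompts and lets `ConvertTo-Json` do the JSON escaping. It reuses the post's variable names and assumes `$VMRG`, `$SQLVMName` and `$Region` are already set as in the script; the `$joinCred` name is introduced here for illustration.

```powershell
# Added example: replaces the hard-coded password literals in the script above.
# Assumes $VMRG, $SQLVMName and $Region are defined as in the original script.

# Prompt for both accounts; the passwords never appear in the script file
$cred     = Get-Credential -UserName "localadmin" -Message "Local administrator for the new VM"
$joinCred = Get-Credential -UserName "savilltech.net\adminname" -Message "Account used to join the domain"

# Public settings. ConvertTo-Json escapes the backslash in the user name
# and any quotes, so the result is always valid JSON.
$string1 = @{
    Name    = "savilltech.net"
    User    = $joinCred.UserName
    OUPath  = "OU=Servers,OU=Hybrid,OU=Environments,DC=savilltech,DC=net"
    Restart = "true"
    Options = "3"
} | ConvertTo-Json

# Protected settings. The extension needs the clear-text password, so it is
# extracted only here and passed through -ProtectedSettingString.
$string2 = @{
    Password = $joinCred.GetNetworkCredential().Password
} | ConvertTo-Json

try {
    # Same call as in the original script, with the generated strings
    Set-AzureRmVMExtension -ResourceGroupName $VMRG -VMName $SQLVMName `
        -ExtensionType "JsonADDomainExtension" -Name "joindomain" `
        -Publisher "Microsoft.Compute" -TypeHandlerVersion "1.0" -Location $Region `
        -SettingString $string1 -ProtectedSettingString $string2 -ErrorAction Stop
}
finally {
    # Drop the variable holding the clear-text password once the call returns
    Remove-Variable -Name string2 -ErrorAction SilentlyContinue
}
```

`$cred` is passed to `Set-AzureRmVMOperatingSystem -Credential` exactly as in the original script. For unattended runs the prompts would have to be replaced by a secret store lookup, which is outside what this example covers.
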
Note the TypeHandlerVersion to join the domain now needs to be 1.3. Also the account type for storage should now be Premium_LRS.