I've taken note of various Dockerfiles for SQL Server support, most recently: https://blogs.msdn.microsoft.com/sqlserverstorageengine/2016/03/21/sql-server-in-windows-containers/
And, I've seen the SQL Server Image support provided by WinDocks on Windows Server 2012 but I haven't seen whether Microsoft has announced plans to support SQL Server 2016 with Docker image support on Windows Server 2016? And, if so, has anyone heard if MS plans to include support in dockerfile support for adding or mounting databases in containers? Thanks in advance!
UPDATE: The SQL Server team now maintains a 2014 Express image on Docker Hub: https://hub.docker.com/r/microsoft/mssql-server-2014-express-windows/
SQL Server 2016 is currently a little harder to install, but 2014 works fine. Here's my (slightly hacky) Dockerfile:
FROM microsoft/dotnet35
ENV SQL_EXPRESS_DOWNLOAD_URL "https://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x64/SQLEXPR_x64_ENU.exe"
ENV SQL_SERVER_SA_PASSWORD "Password1"
WORKDIR /
RUN powershell -Command (New-Object System.Net.WebClient).DownloadFile('%SQL_EXPRESS_DOWNLOAD_URL%', 'sqlexpress.exe')
RUN /sqlexpress.exe /qs /x:setup && /setup/setup.exe /q /ACTION=Install /INSTANCENAME=SQLEXPRESS /FEATURES=SQLEngine /UPDATEENABLED=0 /SECURITYMODE=SQL /SAPWD=%SQL_SERVER_SA_PASSWORD% /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /TCPENABLED=1 /NPENABLED=0 /IACCEPTSQLSERVERLICENSETERMS && del /F /Q sqlexpress.exe && rd /q /s setup
RUN powershell -Command \
set-strictmode -version latest ; \
stop-service MSSQL`$SQLEXPRESS ; \
set-itemproperty -path 'HKLM:\software\microsoft\microsoft sql server\mssql12.SQLEXPRESS\mssqlserver\supersocketnetlib\tcp\ipall' -name tcpdynamicports -value '' ; \
set-itemproperty -path 'HKLM:\software\microsoft\microsoft sql server\mssql12.SQLEXPRESS\mssqlserver\supersocketnetlib\tcp\ipall' -name tcpport -value 1433 ; \
start-service MSSQL`$SQLEXPRESS
CMD powershell -Command while ($true) { Start-Sleep -Seconds 3600 }
EXPOSE 1433
It's based on this one: https://github.com/brogersyh/Dockerfiles-for-windows/blob/master/sqlexpress/dockerfile
Follow up on this, Microsoft released Windows Server core 1709 with support for network attached SMB shares. I also note that Windocks has released Docker SQL Server container database cloning support, which I've tested using Core 1709,and can now service a team with 500 GB data images in roughly 1 minute. You can see more on Windocks at https://windocks.com/docker-sql-server-containers
If you want to install a full version of sql server (not only the Express version), here's how you can do it: https://github.com/mabead/Docker.SqlServer
Related
If i run this locally on the machine after getting to the correct directory, the uninstall / install works great. But it's after I convert to intunewin file and upload to intune that i keep getting failed to install error.
Have the .msi as the "setup file" for intunewin. I originally had the .ps1 as set up, but that didn't work. I also verified i'm running it using the system account when deploying through intune.
$software = Get-Package -Name "TeamViewer 12 Host (MSI Wrapper)"
if ($software.Name -eq "TeamViewer 12 Host (MSI Wrapper)") {
Uninstall-Package -Name "TeamViewer 12 Host (MSI Wrapper)" -Force
}else{
Write-Host "Uninstalled"
}
Start-Process msiexec.exe -ArgumentList '/i TeamViewer_Host.msi /qn CUSTOMCONFIGID=xxxxxx APITOKEN=xxxxxxxxxx ASSIGNMENTOPTIONS="--grant-easy-access --reassign"'
I am facing a difficulty on installing RSAT to remote windows 10 workstations via gpo. My main goal is to use Get-ADuser command as a necessity to gain information from my Windows domain.
I created a PowerShell script using the following command:
Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability –Online
Yet when I run it, a message appears asking for elevated privileges.
So I tried to add credentials in order to automate the installation and changed the script to :
$Username = 'domain\domain_adm'
$Password = '*******'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
Start-Process -FilePath powershell.exe -ArgumentList{Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability –Online} -credential $Cred
And from a normal PowerShell window, it works. But, it doesn't when I am trying to use it from gpo.
Could you please assist me?
The goal is to install via GPO Get-ADuser (maybe RSAT) to domain workstations with OS Windows 10
For a small number of machines Powershell is not a bad option. If you have access to GPOs then you should use then. RSAT is "Windows feature". You can use WSUS. https://4sysops.com/archives/install-rsat-1809-and-other-optional-features-in-wsus-environments/ You could also use the software that you use to install software on the machine on the network . Many of software distribution packages run as root when it installs software. In this case just give that team the line below.
Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability –Online
Why are you putting credentials in clear text in a script file? That
is just bad practice and should not be done.
Installing software is an Admin level thing, local, GPO, or
otherwise, because it's a system-wide change.
Lastly, this is not a PowerShell code/programming issue and not something PowerShell can fix relative to how you are trying to do this. It's specifically how do I use GPO to enable a Windows feature or install software, using PowerShell?
So, could be considered off-topic for Stackoverflow and more a question for SuperUser or StackExchange.
All that being said, you can still use PowerShell to do this, but doing so by using PowerShell to set a scheduled task to the targets and set that to the admin creds at run once at login.
You can write a separate script to create the scheduled task.
You can use the below script for the RSAT install effort via the task.
Use PowerShell to Create Scheduled Tasks
New-ScheduledTask
Very similar to this approach with updating PowerShell help:
PowerShell: Update-Help via Scheduled Task in Group Policy Preferences
As far as what js2010 has stated. That was true for earlier versions of Windows 10. The current state of things is as noted below.
Install RSAT for Windows 10 1809 and 1903 and 1909 automated
RSAT (Remote Server Administration Tools) in Windows 10 v1809 and
v1903 are no longer a downloadable add-on to Windows. Instead, its
included as a set of "Features on Demand" directly in Windows.
Download: Install-RSATv1809v1903v1909.ps1
Long term Scheduled Task management can be accomplished via GPO as well, as noted here:
Managing Scheduled Tasks from Group Policy
You can download RSAT as an msu file: https://www.microsoft.com/en-us/download/details.aspx?id=45520
EDIT: Ok, as for 1809 and above, my first thoughts are a gpo startup script, or using invoke-command.
I am having an issue getting AutoAdminLogon working with my Windows Server 2008 R2 Image. It is an Amazon Windows Server 2008 R2 CIS Level 2 Benchmark AMI from the Amazon Marketplace.
The issue I am having is when I set the AutoAdminLogin to 1 and do a gpupdate or reboot it reverts back to 0.
I am using Packer to provision my AMI so the steps I am going through are Remove PowerShell 3.0 then reboot. The AutoAdminLogon is set before the reboot but gpupdate runs when the system restarts gpupdate reverts the setting back to 0.
The AutoAdminLogon is needed because the server needs to reboot several times during the provisioning.
Steps are
1. Remove PowerShell 3.0
2. Reboot
3. AutoAdminLogon
4. Install .Net 4.5.2
5. Install Windows Management Framework 5.1
6. Reboot.
At this point, Packer will try to connect using WINRM to finish provisioning the instance to capture as an AMI.
I know it has something to do with the MSS-Legacy settings applied to the AMI. But how do I un-apply them? Or just the AutoAdminLogin set to Disabled?
I have tried using secedit:
secedit /export /cfg c:\temp\secpol.cfg
(gc C:\temp\secpol.cfg).replace('AutoAdminLogon=1,"0"','AutoAdminLogon=1,"1"') | Out-File C:\temp\secpol.cfg
secedit /configure /db c:\windows\security\secedit.sdb /cfg c:\temp\secpol.cfg
Reference: Modify Local Security Policy using Powershell
I have tried the steps listed here: https://docs.bmc.com/docs/tssa89/rollback-of-cis-and-pciv2-templates-after-remediation-does-not-work-808908846.html
Here is also a link to the Script I have modified to do the PowerShell Upgrade:
https://github.com/jborean93/ansible-windows/blob/master/scripts/Upgrade-PowerShell.ps1
Now if I download the MSS-Legacy GPO templates and use the GUI to set the MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) to Enabled,
It will work and the setting will stick after reboots or gpudpate. But I need a way to do this in a scripted manner because there is no interaction with the Instance during the Bakery process.
I cannot do the steps using a GUI as this is part of our AMI bakery process.
Thanks so much I look forward to seeing peoples thoughts.
I've just come across this "fun"!
I used the PolicyFileEditor PowerShell module and a lot of trial and error, coupled with the information in your question (thanks for that!) to get this working.
My OS is Windows Server 2016, so hopefully it also works for Windows Server 2008 R2 (not that anyone should be using that anymore).
Here's the PowerShell code that I'm using in my Packer build:
Install-Module PolicyFileEditor
Import-Module PolicyFileEditor
# Change the Autologon GPO setting
Set-PolicyFileEntry -Path "$env:windir\system32\GroupPolicy\Machine\registry.pol" -Key "Software\Microsoft\Windows NT\CurrentVersion\Winlogon" -ValueName "AutoAdminLogon" -Data "1"
# Force the policy update to occur
gpupdate /force
# Configure the auto login user and password so that the next restart has autologin
$loginPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
Set-ItemProperty -Path $loginPath -Name "DefaultUserName " -Value "<your_admin_user>" -Type String
Set-ItemProperty -Path $loginPath -Name "DefaultPassword" -Value "<your_admin_password>" -Type String
There's also another registry value that you need to specify which is the AutoLogonCount. AutoAdminLogon is directly correlated to the logon count for how many times the system will automatically logon after a reboot.
If your logon count is not set, this may be the reason why it's resetting to 0.
If you want this to be set infinitely, just set it 999999 or something ridiculously high.
You can refer to this MSDN for more information:
MSGina.dll
Note that the Type for AutoLogonCount should be REG_DWORD
Instead of having to restart the computer, you can try the following command:
# Force the policy update to occur w/o restart
echo N | gpupdate.exe /target:Computer /force
Can I use nuget tool getting latest version of IIS express? How if can?
If nuget cannot do that, is there any way else that I can complete this task in one command line? Windows7
It seems you are searching for something like this:
Install-WindowsFeature -Name Web-Server -IncludeAllSubFeature -IncludeManagementTools -ComputerName Server1 -Credential contoso.com\johnj99
See Install-WindowsFeature for more details.
Hy,
I would install PostGreSQL 9.1 on a Windows Server 2012.
I want to used a PowerShell script.
With my JDK executables file, I use Start-Process "Myfile" -ArgumentList "/s" -Wait
But the argument \s don't work with my PostGre executables file.
Have you an idea ?
You can use Install-Postgres Powershell module, it's on TechNet Gallery.
The Install-PostgreSQL PowerShell module does the following:
creates a local windows user that PostgreSQL will use
downloads the PostgreSQL installer provided by EnterpriseDB
installs Postgres unattended using the supplied parameters
sets postgres windows user as owner of Postgres files and folders
sets Postgres windows service to run under postgres local user
creates pgpass.conf file in AppData
copies configuration files to data directory
opens the supplied port that PostgreSQL will use in the Windows
Firewall
Usage
Import-Module Install-Postgres
Install-Postgres -User "postgres" -Password "ChangeMe!"
I have used this command : Start-Process $installFile -ArgumentList "--unattendedmodeui minimal --mode unattended --prefix $dest --datadir $dest\data --servicepassword $pwd" -Wait
Thanks for your help ! :)