Caution: Articles written for technical not grammatical accuracy, If poor grammar offends you proceed with caution ;-)
OK so in this article we are going to create our first workflow that executes a powershell script that adds a computer account to active directory in whatever OU you would like it to be placed in. Our Powershell script will get loaded in to the Model Manager Repository and we will modify the “MachineRequested” workflow stub to execute our script. Then we will use the workflow stub property to determine for which VM’s we want want the workflow stub to execute.
Dependencies
Active Directory Module for Powershell
- Open the Powershell Console
- Run “Import-Module ServerManager”
- Run “Add-WindowsFeature RSAT-AD-Powershell”
Installation
Create Powershell Script
First thing we need to do is create our powershell script. The script that we will need has to do a few things. It needs to pull values from vCAC that will be used to add the machine to AD. The values we are going to pull are Hostname, DNSDomain, & Active Directory OU. We will use the Hostname and DNSDomain to create the FQDN for the server. The code for the script is below or you can just download it from here.
## Assign Custom Properties from vCAC to variables to be utilized as part of our script.
## Script created by Sid Smith http://www.dailyhypervisor.com
$Hostname = $Properties["VirtualMachineName"]
$DNSDomain = $Properties["DNSDomain"]
$ADOU = $Properties["ADOU"]
$FQDN = $Hostname + '.' + $DNSDomain
## Import Active Directory PS Module
import-module activedirectory
## Add Computer Record
if (!$ADOU) {
New-ADComputer -Name $Hostname -SAMAccountName $Hostname -Description $Hostname -DNSHostName $FQDN
} else {
New-ADComputer -Name $Hostname -SAMAccountName $Hostname -Description $Hostname -DNSHostName $FQDN -Path $ADOU
}
Load Script into vCAC Repository
Now that we have our script we need to load it into the vCAC Model Manager Repository. We do that by completing the following:
- On your vCAC server open a command window and navigate to the WorkFlow Designer Folder (C:\Program Files (x86)\DynamicOps\Design Center)
- Issue the follwoing command:
- Issue the following command to verify the file is in the repository:
- In the listing you should see “ADDComputerAD”
Cloudutil.exe File-Import -n ADDComputerAD -f c:\path_to_script\addcomputerad.ps1
Cloudutil.exe File-List
Modify vCAC Workflow Stub to execute Powershell Script
Next we need to open the workflow designer, load a workflow stub and modify the workflow to execute the powershell script that we loaded in to the repository. In this example we will be modifying the Machine Provisioned workflow stub. This can be done using either the Machine Requested or Machine Provisioned stub, I prefer the Machine Provisioned stub so the AD computer account is not created if provisioning fails.
- Open the vCAC Workflow Designer
- Choose “Load” form the menu bar and select the “WFStubMachineProvisioned” workflow stub to modify
- When the Workflow loads double-click “Machine Provisioned”
- Then Double-Click “Custom Code”
- Assuming you have not previously modified this workflow stub you will see an empty workflow with only the “Start” activity
- Drag the “GetMachineName” activity from the toolbox on the left to the workspace.
- Next connect the “Start” activity to the “GetmachineName” activity by hovering over the “Start” activity and clicking on the box and dragging the line to the “GetMachineName” activity.
- Next double-click on the “GetMachineName” Activity and fill in the “Machine ID” and “Machine Name” Fields as follows (Case Sensitive):
- Next go back to the workspace by clicking “Custom Code” on the breadcrumb navigation bar.
- Next drag an “A+B Assign” activity from the toolbox on the left located under “primitives”
- Next connect the “GetMachineName” activity to the “A+B Assign” activity and input the following:
- Drag and drop the “ExecutePowerShellScript” from the left Toolbox located under “DynamicOps.Cdk.Activities” to the workspace
- Connect the “A+B Assign” activity to the “ExecutePowerShellScript” activity.
- Next double-click the “ExecutePowerShellScript” and open the activity and input the following:
- Next go back to the workspace by clicking “Custom Code” on the breadcrumb navigation bar.
- Drag a “ForEach
” Activity to the workspace and connect “ExecutePowerShellScript” to it. - Down near the bottom of the “Designer” pane or the workspace you will see a blue bar. On the left of the bar you will see “Variables” Click on “Variables” and the Variables pane will appear.
- Click in the are where is says “Create Variable” and create a variable named “vmName” and leave the default “Variable type” of String,and Scope of “Custom Code”
- Next create another variable named “args” then click in “Variable Type”, click the down arrow and select “Browse for Types…”
- When the “Browse and Select a .Net Type” window appears type “Dictionary” in the “Type Name:” field and select “Dictionary
- Once selected you will see “System.Collections.Generic.Dictionary” appear near the top with two drop down boxes. Click the down arrow and select “String” for both boxes, and click OK.
- Once you click ok and see the variables, click outside the current “args” variable and you should see “Dictionary
- Next enter “New Dictionary (of string,string)” without the quotes in the Filed labeled default for the “args” variable.
- Next create a variable named “psOutput” once created click variable type and choose “Browse for types…” Once the browse box opens type “system.collections.objectmodel.collection”.
- Next select the drop down and click “Browse for types again and type “system.management.automation.PSObject”
- Then Click OK
- Then Click OK again
- In the default field please enter “New Collection (of psObject)” as seen below
- Now go to the “ForEach
” activity we created in step 17 click on the title where is says “Foreach ” and replace the “Int32” with “PSObject” - Next double-click to drill down into the “ForEach> object
- Next drag a “WriteLine” activity and place it in the body of the “ForEsch” statement
- Next enter the following informatiom
- On the “Right” in the “Properties” section locate the “TypeArgument” and set it to “System.Management.Automation.PSObject”
- Check to make sure there are no compile errors. If there are no compile errors click “Send” on the top menu bar, enter a description and press ok.
Machine ID = virtualMachineID
Machine Name = vmName
First Box = args(“VirtualMachineName”)
Second Box = vmName
Script Name = “AddComputerAD” (Must include quotes)
Machine Id = virtualMachineId
Arguments = args
Output = psOutput
If you do not see “System.Management.Automation.PSObject” then the PSObject is not loaded. Please perform the following steps:
1. Create a new variable named “PSObject”
2. Click on the Variable Type and browse for “System.Management.Automation.PSObject
3. Go back to Step 26 and and follow the steps for creating “psOutput”
4. Delete the PSObject variable by highlighting the variable and pressing the delete key
In = psOutput
Text = Item.ToString
Configure vCAC to utilize Script
Now that we loaded our script into the repository and modified the Workflow stub to execute our script we need to configure some properties in vCAC. For this example configure the properties ona blueprint. The properties that need to be configured are:
DNSDomain – Specify the DNS Domain for the AD Zone that the machine will be added. For example inappsure.local
ADOU – Specify the OU that the machine should be placed in. OU should be formatted like: ou=it,dc=inappsure,dc=local
ExternalWFStubs.MachineProvisioned – The property does need a value. This is used to instruct vCAC to execute the MachineProvisioned Workflow.
Now go ahead and make a request. Once the machine has entered the Machine Provisioned state you should see the computer account in the AD OU.
Check out Burke Azbill’s example of how to “Remove computer from AD using vCO during vCAC Decommission“.
Great post. I think there is a type:
“ExternalWFStubs.MachineProvisioned – The property does need a value. This is used to instruct vCAC to execute the MachineProvisioned Workflow.”
Should say:
“ExternalWFStubs.MachineProvisioned – The property does NOT need a value. This is used to instruct vCAC to execute the MachineProvisioned Workflow.”
Am I right?
Under which account does the powershell script is run ? The service account of vCAC or the user requesting the deployment ?
As I’m getting:
Workflow “WFStubMachineProvisioned” failed with the following exception: A required privilege is not held by the client
When importing the PowerShell script (Cloudutil.exe File-Import -n ADDComputerAD -f c:path_to_scriptaddcomputerad.ps1
) is either the name (-n ADDComputerAD) or script file (-f …addcomputerad.ps1) hardcoded?
When you run this command, Cloudutil uploads the PowerShell script to the Model Manager. Once that’s done, you can reference it by name (the -n part) when you invoke it in your workflow, and the DEM Worker will dynamically pull the latest version to run it. So there is no hard-coded file path, if that’s what you’re asking.
Followed all the steps above, but somehow with the change to the WFStubMachineProvisioned based on the above changes it calls unprovisionMachine , and begins disposing the machine. When I revert back to the initial version, it successfully provisions the machine.
I’m having the same problem as RJ Benikar where my it automatically begins to dispose my machine.
RJ,
You indicated that you reverted back to your initial version and it worked, did it move the Vm to the correct OU?
Any info is greatly appreciated.
Thanks
I’m having the same problem as RJ Benikar where my it automatically begins to dispose my machine. When I remove the ExternalWFStubs.MachineProvisioned from my blueprint, I am able to deploy but the VM is still in the default OU.
Any assistance would be greatly appreciated!
Philip
I tried the above procedure exactly but its not working, Looks like host name is not passing the VM name(as per the logs).That’s why its deleting the VM. Is it working for someone? I am using 5.2.2 & 5.2.1
$Hostname = $Properties[“VirtualMachineName”] <===== Need correction here..
VirtualMachine Name is the correct property. It’s been a while since I put this together, however it has been tested and worked when built. Not sure what is the issue, but there are many better ways to do this today such as using vCO. This is a much better solution. http://dailyhypervisor.com/vcloud-automation-center-active-directory-machine-account-management-extension/
Sid,
I really appreciate your help for sharing your knowledge through this article( VCAC Designer). It worked for me. But I don’t see the process of removal of computer account. Now, I understand why you recommended the second article – http://dailyhypervisor.com/vcloud-automation-center-active-directory-machine-account-management-extension/.
I read this article on VCO workflow which is very good & this is what I am looking for. But I am not able to make it work. I added all the custom properties and tried to execute manually and also through server build. But its getting failed with below error. Any help to get this workflow for me is really appreciated. Thanks again..
TypeError: Cannot read property “organizationalUnits” from null (Workflow:Pre-create AD computer account in OU / Get OU & domain name (item3)#31)