为OCI上的通用Windows Server实例生成密码

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了为OCI上的通用Windows Server实例生成密码相关的知识,希望对你有一定的参考价值。

据我了解,Oracle默认的Windows服务器映像利用Cloudbase-Init和Unattend.xml文件来为用户生成密码,但是我对此非常好奇,因为我试图使用该映像创建自己的映像预安装其他软件。我想生成一个随机密码,并明确地不需要用户更改它。上面说的是我尝试过的(我只包括Unattend.xml文件的generalize部分):

尝试#1

[我的第一次尝试,就是尽我所能,模仿了我所能知道的默认图像在做什么。这与使用Oracle的默认Windows 2019 Standard映像从广义实例中提取的无人参与和cloubase配置文件相同。使用这些密码后,系统会提示用户在登录时更改其密码。

Unattend.xml

  <settings pass="generalize">
    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
    </component>
    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RunSynchronous>
        <RunSynchronousCommand wcm:action="add">
          <Order>1</Order>
          <Path>cmd.exe /c ""c:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Scripts\cloudbase-init.exe" --config-file "c:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf" &amp;&amp; exit 1 || exit 2"</Path>
          <Description>Run Cloudbase-Init to set the hostname</Description>
          <WillReboot>OnRequest</WillReboot>
        </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>

cloudbase-init-unattend.conf

[DEFAULT]
username=opc
groups=Administrators
bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\
verbose=true
debug=true
logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\
logfile=cloudbase-init-unattend.log
default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
logging_serial_port_settings=COM1,9600,N,8
local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\
metadata_services=cloudbaseinit.metadata.services.httpservice.HttpService
plugins=cloudbaseinit.plugins.windows.winrmlistener.ConfigWinRMListenerPlugin,cloudbaseinit.plugins.common.userdata.UserDataPlugin
allow_reboot=false
stop_service_on_exit=false
check_latest_version=false

尝试#2

第二次尝试,我试图在无人参与文件中添加命令,这将导致不提示用户更改密码。我使用了与尝试#1相同的cloubase配置文件。概括后,仍然提示用户选择新密码。

Unattend.xml

  <settings pass="generalize">
    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
    </component>
    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RunSynchronous>
        <RunSynchronousCommand wcm:action="add">
          <Order>1</Order>
          <Path>cmd.exe /c "net user opc /logonpasswordchg:no &amp;&amp; exit 1 || exit 2</Path>
          <Description>Ensure the opc user does not have to reset their password</Description>
          <WillReboot>Never</WillReboot>
        </RunSynchronousCommand>
        <RunSynchronousCommand wcm:action="add">
          <Order>2</Order>
          <Path>cmd.exe /c ""c:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Scripts\cloudbase-init.exe" --config-file "c:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf" &amp;&amp; exit 1 || exit 2"</Path>
          <Description>Run Cloudbase-Init to set the hostname</Description>
          <WillReboot>OnRequest</WillReboot>
        </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>

尝试#3

第三次尝试,我更改了无人参与文件中的命令顺序,以便在处理了Cloudbase初始化配置之后,告诉净用户登录时不要更改其密码。我再次使用与尝试#1和#2相同的cloubase配置文件。概括后,仍然提示用户选择新密码。

Unattend.xml

  <settings pass="generalize">
    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
    </component>
    <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RunSynchronous>
        <RunSynchronousCommand wcm:action="add">
          <Order>1</Order>
          <Path>cmd.exe /c ""c:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Scripts\cloudbase-init.exe" --config-file "c:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf" &amp;&amp; exit 1 || exit 2"</Path>
          <Description>Run Cloudbase-Init to set the hostname</Description>
          <WillReboot>OnRequest</WillReboot>
        </RunSynchronousCommand>
        <RunSynchronousCommand wcm:action="add">
          <Order>2</Order>
          <Path>cmd.exe /c "net user opc /logonpasswordchg:no &amp;&amp; exit 1 || exit 2</Path>
          <Description>Ensure the opc user does not have to reset their password</Description>
          <WillReboot>Never</WillReboot>
        </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>

这些方法都不产生我想要的东西。我还尝试使用Cloudbase-Init中的插件生成密码,但是似乎Oracle Cloud Agent覆盖了该密码,因为我完全无法通过RDP登录,而没有使用Cloudbase插件,我可以登录但无法登录。在设置新密码之前访问桌面。

这引出了一个问题:这里什么不起作用?这是配置问题,还是我从根本上误解了此过程的工作方式?

我将感谢任何人可能提出的任何建议,或其他人创建的示例实现。谢谢!

答案

尽管我无法获得Unattend.xml文件来自动运行命令,但事实证明,最简单的解决方案是使用Cloudbase-Init用户数据提供命令。最终的userdata脚本最终看起来像这样:

rem cmd
net user opc /logonpasswordchg:no

以上是关于为OCI上的通用Windows Server实例生成密码的主要内容,如果未能解决你的问题,请参考以下文章

通过Oracle Enterprise Manager管理OCI上的ADG

通过Oracle Enterprise Manager管理OCI上的ADG

通过Oracle Enterprise Manager管理OCI上的ADG

使用 Windows 身份验证模式连接到 VM 上的 SQL Server 实例

没有这样的主机是已知的(Powershell/OCI)

sql server 2012复制数据库在同一主机上的两个实例之间失败