为OCI上的通用Windows Server实例生成密码
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了为OCI上的通用Windows Server实例生成密码相关的知识,希望对你有一定的参考价值。
据我了解,Oracle默认的Windows服务器映像利用Cloudbase-Init和Unattend.xml文件来为用户生成密码,但是我对此非常好奇,因为我试图使用该映像创建自己的映像预安装其他软件。我想生成一个随机密码,并明确地不需要用户更改它。上面说的是我尝试过的(我只包括Unattend.xml文件的generalize部分):
尝试#1
[我的第一次尝试,就是尽我所能,模仿了我所能知道的默认图像在做什么。这与使用Oracle的默认Windows 2019 Standard映像从广义实例中提取的无人参与和cloubase配置文件相同。使用这些密码后,系统会提示用户在登录时更改其密码。
Unattend.xml
<settings pass="generalize">
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>cmd.exe /c ""c:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Scripts\cloudbase-init.exe" --config-file "c:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf" && exit 1 || exit 2"</Path>
<Description>Run Cloudbase-Init to set the hostname</Description>
<WillReboot>OnRequest</WillReboot>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
cloudbase-init-unattend.conf
[DEFAULT]
username=opc
groups=Administrators
bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\
verbose=true
debug=true
logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\
logfile=cloudbase-init-unattend.log
default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
logging_serial_port_settings=COM1,9600,N,8
local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\
metadata_services=cloudbaseinit.metadata.services.httpservice.HttpService
plugins=cloudbaseinit.plugins.windows.winrmlistener.ConfigWinRMListenerPlugin,cloudbaseinit.plugins.common.userdata.UserDataPlugin
allow_reboot=false
stop_service_on_exit=false
check_latest_version=false
尝试#2
第二次尝试,我试图在无人参与文件中添加命令,这将导致不提示用户更改密码。我使用了与尝试#1相同的cloubase配置文件。概括后,仍然提示用户选择新密码。
Unattend.xml
<settings pass="generalize">
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>cmd.exe /c "net user opc /logonpasswordchg:no && exit 1 || exit 2</Path>
<Description>Ensure the opc user does not have to reset their password</Description>
<WillReboot>Never</WillReboot>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>cmd.exe /c ""c:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Scripts\cloudbase-init.exe" --config-file "c:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf" && exit 1 || exit 2"</Path>
<Description>Run Cloudbase-Init to set the hostname</Description>
<WillReboot>OnRequest</WillReboot>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
尝试#3
第三次尝试,我更改了无人参与文件中的命令顺序,以便在处理了Cloudbase初始化配置之后,告诉净用户登录时不要更改其密码。我再次使用与尝试#1和#2相同的cloubase配置文件。概括后,仍然提示用户选择新密码。
Unattend.xml
<settings pass="generalize">
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>cmd.exe /c ""c:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Scripts\cloudbase-init.exe" --config-file "c:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf" && exit 1 || exit 2"</Path>
<Description>Run Cloudbase-Init to set the hostname</Description>
<WillReboot>OnRequest</WillReboot>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>cmd.exe /c "net user opc /logonpasswordchg:no && exit 1 || exit 2</Path>
<Description>Ensure the opc user does not have to reset their password</Description>
<WillReboot>Never</WillReboot>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
这些方法都不产生我想要的东西。我还尝试使用Cloudbase-Init中的插件生成密码,但是似乎Oracle Cloud Agent覆盖了该密码,因为我完全无法通过RDP登录,而没有使用Cloudbase插件,我可以登录但无法登录。在设置新密码之前访问桌面。
这引出了一个问题:这里什么不起作用?这是配置问题,还是我从根本上误解了此过程的工作方式?
我将感谢任何人可能提出的任何建议,或其他人创建的示例实现。谢谢!
尽管我无法获得Unattend.xml文件来自动运行命令,但事实证明,最简单的解决方案是使用Cloudbase-Init用户数据提供命令。最终的userdata脚本最终看起来像这样:
rem cmd
net user opc /logonpasswordchg:no
以上是关于为OCI上的通用Windows Server实例生成密码的主要内容,如果未能解决你的问题,请参考以下文章
通过Oracle Enterprise Manager管理OCI上的ADG
通过Oracle Enterprise Manager管理OCI上的ADG
通过Oracle Enterprise Manager管理OCI上的ADG