Diffstat (limited to 'ansible/scripts')
-rw-r--r--ansible/scripts/setup-adcs-esc.ps15
-rw-r--r--ansible/scripts/setup-mssql-link.ps12
-rw-r--r--ansible/scripts/setup-mssql.ps119
3 files changed, 14 insertions, 12 deletions
diff --git a/ansible/scripts/setup-adcs-esc.ps1 b/ansible/scripts/setup-adcs-esc.ps1
index 44fc8d5..eafa8b6 100644
--- a/ansible/scripts/setup-adcs-esc.ps1
+++ b/ansible/scripts/setup-adcs-esc.ps1
@@ -2,7 +2,7 @@ param (
[string]$DomainName = "contoso.com"
)
$scriptName = $MyInvocation.MyCommand.Name
-$logFile = "C:\$scriptName_log.txt"
+$logFile = "C:\Logs\${scriptName}_log.txt"
Start-Transcript -Path $logFile -Append
Import-Module ADCSTemplate
@@ -15,6 +15,7 @@ Get-ChildItem -Path "C:\setup\templates" -Filter *.json | % {
-JSON (Get-Content "C:\setup\templates\$_" -Raw) `
-Identity "$DomainName\Domain Users" `
-Publish
+ Write-Host "[inf] Created vulnerable ADCS template $_"
}
}
-Stop-Transcript
\ No newline at end of file
+Stop-Transcript
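Review bot: The added `Write-Host "[inf] Created vulnerable ADCS template $_"` runs unconditionally after the template call that ends at `-Publish`, so the transcript reports success even when that call emitted an error. This log is what tells the lab operator which deliberately weak templates actually exist, so gate it on the result, e.g. `if ($?) { Write-Host "[inf] Created vulnerable ADCS template $($_.Name)" } else { Write-Host "[err] Failed to create ADCS template $($_.Name)" }`. Using `$($_.Name)` also keeps the message independent of how the file object is stringified. The enclosing loop starts outside the hunk.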
diff --git a/ansible/scripts/setup-mssql-link.ps1 b/ansible/scripts/setup-mssql-link.ps1
index 46aab23..42e437d 100644
--- a/ansible/scripts/setup-mssql-link.ps1
+++ b/ansible/scripts/setup-mssql-link.ps1
@@ -1,6 +1,6 @@
param
(
- [string]$LinkServer = "mssql02"
+ [string]$LinkServer = "adcs01"
)
$scriptName = $MyInvocation.MyCommand.Name
$logFile = "C:\Logs\${scriptName}_log.txt"
diff --git a/ansible/scripts/setup-mssql.ps1 b/ansible/scripts/setup-mssql.ps1
index c37ee42..5b4c1a5 100644
--- a/ansible/scripts/setup-mssql.ps1
+++ b/ansible/scripts/setup-mssql.ps1
@@ -1,8 +1,9 @@
param
(
- [string]$DomainName = "contoso.com",
- [string]$SvcUsername = "svc_mssql02",
- [string]$SvcPassword = "Svc1234!"
+ [string]$DomainName = "contoso.com",
+ [string]$SQLSvcUsername = "svc_mssql02",
+ [string]$IISSvcUsername = "svc_iis01",
+ [string]$SvcPassword = "Svc1234!"
)
$scriptName = $MyInvocation.MyCommand.Name
$logFile = "C:\Logs\${scriptName}_log.txt"
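Review bot: Renaming `$SvcUsername` to `$SQLSvcUsername` changes the script's parameter interface, so any caller that still passes `-SvcUsername` (the invoking Ansible task is not visible here) will fail parameter binding; `[Alias("SvcUsername")][string]$SQLSvcUsername = "svc_mssql02",` keeps old invocations working. The `$SvcPassword` default is a literal that the later hunk of this file also sets as the `sa` password with `CHECK_POLICY=OFF`. A comment above the param block such as `# Lab-only weak credential, reused for sa on purpose; override on any non-lab host` would record that this is intended. The script body continues outside the hunk.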
@@ -73,18 +74,18 @@ Restart-Service -Name "MSSQL`$SQLEXPRESS"
try {
$env:Path += ";C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn"
- SqlCmd -E -Q "CREATE LOGIN [$NetBiosName\$SvcUsername] FROM WINDOWS"
- SqlCmd -E -Q "SP_ADDSRVROLEMEMBER '$NetBiosName\$SvcUsername', 'SYSADMIN'"
+ SqlCmd -E -Q "CREATE LOGIN [$NetBiosName\$SQLSvcUsername] FROM WINDOWS"
+ SqlCmd -E -Q "SP_ADDSRVROLEMEMBER '$NetBiosName\$SQLSvcUsername', 'SYSADMIN'"
SqlCmd -E -Q "ALTER LOGIN sa ENABLE"
SqlCmd -E -Q "ALTER LOGIN sa WITH PASSWORD = '$SvcPassword', CHECK_POLICY=OFF"
- SqlCmd -E -Q "CREATE LOGIN [CONTOSO\svc_iis01] FROM WINDOWS;"
- SqlCmd -E -Q "ALTER SERVER ROLE sysadmin ADD MEMBER [CONTOSO\svc_iis01];"
- Write-Host "[inf] Added $NetBiosName\$SvcUsername as MSSQL login and sysadmin"
+ SqlCmd -E -Q "CREATE LOGIN [$NetBiosName\$IISSvcUsername] FROM WINDOWS;"
+ SqlCmd -E -Q "ALTER SERVER ROLE sysadmin ADD MEMBER [$NetBiosName\$IISSvcUsername];"
+ Write-Host "[inf] Added $NetBiosName\$SQLSvcUsername as MSSQL login and sysadmin"
Write-Host "[inf] Enabled SA login"
} catch {
- Write-Host "[err] Failed to add $NetBiosName\$SvcUsername as MSSQL login and sysadmin"
+ Write-Host "[err] Failed to add $NetBiosName\$SQLSvcUsername as MSSQL login and sysadmin"
Write-Host "[err] Failed to enable SA login"
}
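Review bot: The `catch` block cannot fire for a failed query, because `SqlCmd` is a native executable and by default a non-zero exit code or SQL error does not raise a PowerShell exception, so `[inf] Added ...` and `[inf] Enabled SA login` are written even when the logins were not created. Pass `-b` so SqlCmd returns a failing exit code on SQL errors and check it after each call, e.g. `SqlCmd -E -b -Q "..."; if ($LASTEXITCODE -ne 0) { throw "SqlCmd failed" }`. The success line also names only `$SQLSvcUsername` although `$IISSvcUsername` is granted sysadmin in the same block; adding `Write-Host "[inf] Added $NetBiosName\$IISSvcUsername as MSSQL login and sysadmin"` makes the transcript record every privileged login this script creates.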