This post has been updated from a previous post.
If you want to build your own SharePoint 2016 farm in Azure, you may have noticed that SharePoint 2016 is not available in the marketplace, and you can only select the SharePoint Server 2016 trial. Instead, we can use Azure PowerShell to create our SharePoint 2016 farm. There are a few benefits to using a script:
- Customize the farm your own way rather than using templates from the marketplace; and
- Re-use the script to deploy more farms
Requirements
The following are Azure requirements to make the PowerShell script work; if you don’t follow the requirements, the script will fail and you may end up deleting resources and resource groups that have been created:
- You must have Azure PowerShell 1.0.0.0 or later installed
- You cannot use "administrator" as the name of the main local admin account for your VMs
- Your password must be between 13 and 123 characters long and it must be a mix of lower case, upper case, numbers and special characters
Script
Follow these steps in sequence to create your SharePoint 2016 farm in Azure:
```powershell
# Sign in with your Azure account
Login-AzureRMAccount

# List your subscription names
Get-AzureRMSubscription | Sort-Object SubscriptionName | Select-Object SubscriptionName

# Set your Azure subscription
$subscrName="<Your Azure Subscription Name>"
Select-AzureRMSubscription -SubscriptionName $subscrName

# Create your new resource group in a data center location
$rgName="<resource group name>"
$locName="<location name>"
New-AzureRMResourceGroup -Name $rgName -Location $locName

# Create your new storage account
$saName="<Storage account name>"
New-AzureRMStorageAccount -Name $saName -ResourceGroupName $rgName -Type Standard_LRS -Location $locName

# Create the Azure virtual network
$rg=Get-AzureRmResourceGroup -Name $rgName
$locShortName=$rg.Location
$spSubnet=New-AzureRMVirtualNetworkSubnetConfig -Name SP2016Subnet -AddressPrefix 10.0.0.0/24
New-AzureRMVirtualNetwork -Name SP2016Vnet -ResourceGroupName $rgName -Location $locName -AddressPrefix 10.0.0.0/16 -Subnet $spSubnet -DNSServer 10.0.0.4

# Network security group: RDP from the Internet to every VM on the subnet, HTTP to spVM only
$rule1=New-AzureRMNetworkSecurityRuleConfig -Name "RDPTraffic" -Description "Allow RDP to all VMs on the subnet" -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389
$rule2=New-AzureRMNetworkSecurityRuleConfig -Name "WebTraffic" -Description "Allow HTTP to the SharePoint server" -Access Allow -Protocol Tcp -Direction Inbound -Priority 101 -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix "10.0.0.6/32" -DestinationPortRange 80
New-AzureRMNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName -Location $locShortName -SecurityRules $rule1, $rule2

# Attach the NSG to the subnet; the change is only saved when the virtual network is written back
$vnet=Get-AzureRMVirtualNetwork -ResourceGroupName $rgName -Name SP2016Vnet
$nsg=Get-AzureRMNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName
Set-AzureRMVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name SP2016Subnet -AddressPrefix "10.0.0.0/24" -NetworkSecurityGroup $nsg | Set-AzureRMVirtualNetwork

# Create and configure AD VM
# Create an availability set for domain controller virtual machines
New-AzureRMAvailabilitySet -Name dcAvailabilitySet -ResourceGroupName $rgName -Location $locName

# Create the domain controller virtual machine
$vnet=Get-AzureRMVirtualNetwork -Name SP2016Vnet -ResourceGroupName $rgName
$pip=New-AzureRMPublicIpAddress -Name adVM-PIP -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic
$nic=New-AzureRMNetworkInterface -Name adVM-NIC -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -PrivateIpAddress 10.0.0.4
$avSet=Get-AzureRMAvailabilitySet -Name dcAvailabilitySet -ResourceGroupName $rgName
$vm=New-AzureRMVMConfig -VMName adVM -VMSize Standard_D1_v2 -AvailabilitySetId $avSet.Id
$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$vhdURI=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/adVM-SP2016Vnet-ADDSDisk.vhd"
Add-AzureRMVMDataDisk -VM $vm -Name ADDS-Data -DiskSizeInGB 20 -VhdUri $vhdURI -CreateOption empty
$cred=Get-Credential -Message "Type the name and password of the local administrator account for adVM."
$vm=Set-AzureRMVMOperatingSystem -VM $vm -Windows -ComputerName adVM -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRMVMSourceImage -VM $vm -PublisherName MicrosoftWindowsServer -Offer WindowsServer -Skus 2012-R2-Datacenter -Version "latest"
$vm=Add-AzureRMVMNetworkInterface -VM $vm -Id $nic.Id
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/adVM-SP2016Vnet-OSDisk.vhd"
$vm=Set-AzureRMVMOSDisk -VM $vm -Name adVM-SP2016Vnet-OSDisk -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRMVM -ResourceGroupName $rgName -Location $locName -VM $vm

# Make adVM a domain controller in the new domain forest
# Run these commands on adVM itself, in an elevated PowerShell prompt.
# Assumption: the ADDS-Data disk has been initialized and formatted as drive F:.
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName SP2016Dev.com -DatabasePath "F:\NTDS" -SysvolPath "F:\SYSVOL" -LogPath "F:\Logs"

# Install Windows Server AD tools and add the sp_farm_db user account
# Run on adVM after it has restarted as a domain controller.
Add-WindowsFeature RSAT-ADDS-Tools
New-ADUser -SamAccountName sp_farm_db -AccountPassword (Read-Host "Set user password" -AsSecureString) -Name "sp_farm_db" -Enabled $true -PasswordNeverExpires $true -ChangePasswordAtLogon $false

# Create and configure sqlVM
# Create an availability set for SQL Server virtual machines
New-AzureRMAvailabilitySet -Name sqlAvailabilitySet -ResourceGroupName $rgName -Location $locName

# Create the sqlVM virtual machine
$vmName="sqlVM"
$vmSize="Standard_D3_V2"
$vnet=Get-AzureRMVirtualNetwork -Name "SP2016Vnet" -ResourceGroupName $rgName
$nicName=$vmName + "-NIC"
$pipName=$vmName + "-PIP"
$pip=New-AzureRMPublicIpAddress -Name $pipName -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic
$nic=New-AzureRMNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -PrivateIpAddress "10.0.0.5"
$avSet=Get-AzureRMAvailabilitySet -Name sqlAvailabilitySet -ResourceGroupName $rgName
$vm=New-AzureRMVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $avSet.Id
$diskSize=100
$diskLabel="SQLData"
$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$vhdURI=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + "-SQLDataDisk.vhd"
Add-AzureRMVMDataDisk -VM $vm -Name $diskLabel -DiskSizeInGB $diskSize -VhdUri $vhdURI -CreateOption empty
$cred=Get-Credential -Message "Type the name and password of the local administrator account of the SQL Server computer."
$vm=Set-AzureRMVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRMVMSourceImage -VM $vm -PublisherName MicrosoftSQLServer -Offer SQL2014SP1-WS2012R2 -Skus Standard -Version "latest"
$vm=Add-AzureRMVMNetworkInterface -VM $vm -Id $nic.Id
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + "-OSDisk.vhd"
$vm=Set-AzureRMVMOSDisk -VM $vm -Name "OSDisk" -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRMVM -ResourceGroupName $rgName -Location $locName -VM $vm

# Add sqlVM to the domain.
# Run on sqlVM itself, in an elevated PowerShell prompt.
Add-Computer -DomainName "SP2016Dev.com"
Restart-Computer

# Configure Windows Firewall to allow SQL traffic
# Run on sqlVM after it has restarted.
New-NetFirewallRule -DisplayName "SQL Server ports 1433, 1434, and 5022" -Direction Inbound -Protocol TCP -LocalPort 1433,1434,5022 -Action Allow

# Create and configure spVM
New-AzureRMAvailabilitySet -Name spAvailabilitySet -ResourceGroupName $rgName -Location $locName

# Specify the virtual machine name and size
$vmName="spVM"
$vmSize="Standard_D3_V2"

# Create the NIC for the virtual machine
# $dnsName is the DNS label for the public IP address; it must be set before use
$dnsName="<DNS name label>"
$nicName=$vmName + "-NIC"
$pipName=$vmName + "-PIP"
$pip=New-AzureRMPublicIpAddress -Name $pipName -ResourceGroupName $rgName -DomainNameLabel $dnsName -Location $locName -AllocationMethod Dynamic
$vnet=Get-AzureRMVirtualNetwork -Name "SP2016Vnet" -ResourceGroupName $rgName
$nic=New-AzureRMNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -PrivateIpAddress "10.0.0.6"
$avSet=Get-AzureRMAvailabilitySet -Name spAvailabilitySet -ResourceGroupName $rgName
$vm=New-AzureRMVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $avSet.Id

# Specify the image and local administrator account, and then add the NIC
$pubName="MicrosoftSharePoint"
$offerName="MicrosoftSharePointServer"
$skuName="2016"
$cred=Get-Credential -Message "Type the name and password of the local administrator account."
$vm=Set-AzureRMVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRMVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
$vm=Add-AzureRMVMNetworkInterface -VM $vm -Id $nic.Id

# Specify the OS disk name and create the VM
$diskName="OSDisk"
$storageAcc=Get-AzureRMStorageAccount -ResourceGroupName $rgName -Name $saName
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
$vm=Set-AzureRMVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRMVM -ResourceGroupName $rgName -Location $locName -VM $vm

# Add spVM to the domain.
# Run on spVM itself, in an elevated PowerShell prompt.
Add-Computer -DomainName "SP2016Dev.com"
Restart-Computer
```
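The RDPTraffic rule in the script admits TCP 3389 from the Internet service tag to every VM on the subnet, including the domain controller and the SQL Server, each of which also has a public IP address. The following is an added example, not part of the original post: it lists the inbound Allow rules on the SP2016Subnet NSG that accept any source, then narrows RDPTraffic to a management range. `$mgmtCidr` is a placeholder you supply.

```powershell
# Added example: review and tighten the NSG created by the script above.
$rgName   = "<resource group name>"
$mgmtCidr = "<your management IP range in CIDR form>"   # assumption: placeholder value

$nsg = Get-AzureRmNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName

# Source values that mean "anyone on the Internet"
$anySource = 'Internet', '*', '0.0.0.0/0'

# List inbound Allow rules with an unrestricted source.
# @() handles module versions where SourceAddressPrefix is a string or a list.
$open = $nsg.SecurityRules | Where-Object {
    $_.Direction -eq 'Inbound' -and $_.Access -eq 'Allow' -and
    (@($_.SourceAddressPrefix) | Where-Object { $anySource -contains $_ })
}
$open |
    Select-Object Name, Priority, SourceAddressPrefix, DestinationAddressPrefix, DestinationPortRange |
    Format-Table -AutoSize
# With the script's rules, both RDPTraffic (3389, all VMs) and WebTraffic
# (80, 10.0.0.6 only) are listed; WebTraffic is the intended public endpoint.

# Narrow RDP to the management range, keeping the rule name and priority,
# and write the updated NSG back to Azure.
Set-AzureRmNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name "RDPTraffic" `
    -Description "Allow RDP from the management range only" `
    -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 `
    -SourceAddressPrefix $mgmtCidr -SourcePortRange "*" `
    -DestinationAddressPrefix "*" -DestinationPortRange 3389 |
    Set-AzureRmNetworkSecurityGroup

# Confirm the change took effect
(Get-AzureRmNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName).SecurityRules |
    Where-Object { $_.Name -eq 'RDPTraffic' } |
    Select-Object Name, SourceAddressPrefix, DestinationPortRange
```

Run it from the same Azure PowerShell session after the NSG has been created; the VMs do not need to be stopped for the rule change to apply.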