Vestengen
Enthusiast
Enthusiast

Uagdeploy powershell

Hi I'm trying to deploy UAG with powershell to vSphere. I manage to deploy with some settings (enough to configure Tunnel, Content Gateway, SEG), but I want to set some other settings.


Disable CEIP (without enter ' no' )


Disable tls 1.1 Set admin password expiration to 0


Bonus: Set hardware compability and Guest OS Version (this is probably not very important) Have anybody been able to configure some of this settings with powershell ?


Petter

Labels (1)
0 Kudos
3 Replies
PatriciaGoncalv
Enthusiast
Enthusiast

I need to implement UAG soon, with powershell installed without problems?
0 Kudos
Vestengen
Enthusiast
Enthusiast

It's not really that hard to use powershell.
You need Ovftool: https://code.vmware.com/web/tool/4.3.0/ovf

Here is my .ini file (just change your info: names, ip's etc). This works for me, I just want to configure more.

[General]

#
# UAG virtual appliance unique name (between 1 and 32 characters).
# If name is not specified, the script will prompt for it.
#
# COmmand to execute: . or uagdeploy.ps1 -iniFile C: or temp or uag9-aw.ini -noSSLVerify
# -noSSLVerify is useful if you don't have valid certificates

name=UAG-Tunnel

#
# Full path filename of the UAG .ova virtual machine image
# The file can be obtained from VMware
#

source=C: or temp or euc-unified-access-gateway-3.7.0.0-14567523_OVF10.ova

#
# target refers to the vCenter username and address/hostname and the ESXi host for deployment
# Refer to the ovftool documentation for information about the target syntax.
# See https://www.vmware.com/support/developer/ovf/
# PASSWORD in upper case results in a password prompt during deployment so that passwords do not need
# to specified in this .INI file.
# In this example, the vCenter username is administrator@vsphere.local
#                  the vCenter server is 192.168.0.21 (this can be a hostname or IP address)
#                  the ESXi hostname is esx1.myco.int (this can be a hostname or IP address)
#

target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/Datacenter/host/Cluster1
# Datacenter is the name of my Datacenter, Cluster1 is the name of my cluster. If you don't have a cluster enter hostname or IP

#
# vSphere datastore name
#

ds=DatastoreName

#
# Disk provisioning mode. Refer to OVF Tool documentation for options.
#

diskMode=thin

#
# vSphere Network names. For pre 3.3 UAG versions, a vSphere Network Protocol Profile (NPP) must be associated with every referenced network name. This specifies
# network settings such as IPv4 subnet mask, gateway etc. UAG 3.3 and newer no longer uses NPPs and so for static IPv4 addresses a netmask0, netmask1 and netmask2
# value must be specified for each NIC. Normally a defaultGateway setting is also required.
#

netInternet=External
netManagementNetwork=External
netBackendNetwork=External

deploymentOption=onenic
ip0=192.168.1.18
netmask0=255.255.255.0
defaultGateway=192.168.1.1

#deploymentOption=twonic
#ip0=192.168.0.90
#netmask0=255.255.255.0
#ip1=192.168.0.91
#netmask1=255.255.255.0

#deploymentOption=threenic
#ip0=192.168.0.90
#netmask0=255.255.255.0
#ip1=192.168.0.91
#netmask1=255.255.255.0
#ip2=192.168.0.92
#netmask2=255.255.255.0

dns=192.168.1.10 192.168.1.1

#syslogUrl=syslog://server.example.com:514

#
# Setting honorCipherOrder to true forces the TLS cipher order to be the order specified by the server. This can be set on
# UAG 2.7.2 and newer to force the Forward Secrecy ciphers to be presented first to improve security.
#

honorCipherOrder=true


[Airwatch]
tunnelGatewayEnabled=true
tunnelProxyEnabled=true
apiServerUrl=https://api.server.com
apiServerUsername=domain or serviceaccount
organizationGroupCode=' OG ID'
airwatchServerHostname=uag.server.com

[AirwatchSecureEmailGateway]
memConfigurationId=' xxxxxxxxxxxxxxx'
apiServerUsername=domain or serviceaccount
ntlmAuthentication=false
healthCheckUrl=/favicon.ico
apiServerUrl=https://api.server.com
airwatchOutboundProxy=false
reinitializeGatewayProcess=false
airwatchServerHostname=uag.server.com

[AirWatchContentGateway]
cgConfigId=' xxxxxxxxxxxxxxx'
apiServerUsername=domain or serviceaccount
ntlmAuthentication=false
apiServerUrl=https://api.server.com
airwatchOutboundProxy=false
reinitializeGatewayProcess=false
airwatchServerHostname=uag.server.com
0 Kudos
PatriciaGoncalv
Enthusiast
Enthusiast

Petter,
Thank you for the help.
I don't have experience with Powershell, so it will help a lot. 😄
0 Kudos