File tree Expand file tree Collapse file tree 4 files changed +38
-3
lines changed
aws_rdp_domain_controller
aws_rdp_member_server_with_worker Expand file tree Collapse file tree 4 files changed +38
-3
lines changed Original file line number Diff line number Diff line change @@ -271,6 +271,15 @@ resource "aws_instance" "domain_controller" {
271271
272272 user_data = << EOF
273273 <powershell>
274+ # Configure the server to use reliable external NTP sources and mark itself as reliable
275+ # We use pool.ntp.org, a public cluster of time servers. 0x9 flag means Client + SpecialInterval.
276+ w32tm /config /manualpeerlist:"pool.ntp.org,0x9" /syncfromflags:manual /reliable:yes /update
277+ # Restart the Windows Time service to apply the new configuration
278+ Stop-Service w32time
279+ Start-Service w32time
280+ # Force an immediate time synchronization
281+ w32tm /resync /force
282+
274283 $password = ConvertTo-SecureString ${ random_string . DSRMPassword . result } -AsPlainText -Force
275284 Add-WindowsFeature -name ad-domain-services -IncludeManagementTools
276285
Original file line number Diff line number Diff line change @@ -61,6 +61,15 @@ resource "aws_instance" "member_server" {
6161
6262 user_data = << EOF
6363 <powershell>
64+ # Configure the server to use reliable external NTP sources and mark itself as reliable
65+ # We use pool.ntp.org, a public cluster of time servers. 0x9 flag means Client + SpecialInterval.
66+ w32tm /config /manualpeerlist:"pool.ntp.org,0x9" /syncfromflags:manual /reliable:yes /update
67+ # Restart the Windows Time service to apply the new configuration
68+ Stop-Service w32time
69+ Start-Service w32time
70+ # Force an immediate time synchronization
71+ w32tm /resync /force
72+
6473 %{ if var . server_version != " 2016" }
6574 # set variables for retry loops
6675 $timeout = 300
Original file line number Diff line number Diff line change @@ -87,6 +87,15 @@ resource "aws_instance" "worker" {
8787
8888 user_data = << EOF
8989 <powershell>
90+ # Configure the server to use reliable external NTP sources and mark itself as reliable
91+ # We use pool.ntp.org, a public cluster of time servers. 0x9 flag means Client + SpecialInterval.
92+ w32tm /config /manualpeerlist:"pool.ntp.org,0x9" /syncfromflags:manual /reliable:yes /update
93+ # Restart the Windows Time service to apply the new configuration
94+ Stop-Service w32time
95+ Start-Service w32time
96+ # Force an immediate time synchronization
97+ w32tm /resync /force
98+
9099 # set variables for retry loops
91100 $timeout = 300
92101 $interval = 30
Original file line number Diff line number Diff line change @@ -19,11 +19,19 @@ $newPath = $existingPath + ";" + $destination
1919)
2020
2121# create a trigger that will run boundary at startup
22- $trigger = New-JobTrigger - AtStartup
22+ $trigger = New-ScheduledTaskTrigger - AtStartup
2323$configPath = Join-path ${test_dir} - ChildPath " worker.hcl"
2424$jobLog = Join-path ${test_dir} - ChildPath " worker.out"
25- $command = " boundary server -config `" $configPath `" *> $jobLog "
26- Register-ScheduledJob boundary - ScriptBlock ([ScriptBlock ]::Create($command )) - Trigger $trigger
25+
26+ New-Item - Path C:/ Test/ worker_task.ps1 - ItemType File - Value " boundary server -config $configPath *> $jobLog "
27+ $action = New-ScheduledTaskAction - Execute ' powershell.exe' - Argument ' -File C:/Test/worker_task.ps1'
28+ Register-ScheduledTask - TaskName " boundary" - Action $action - Trigger $trigger - User " SYSTEM" - RunLevel Highest - Force
29+
30+ # set the task to have no execution time limit
31+ $Task = Get-ScheduledTask - TaskName " boundary"
32+ $Task.Settings.ExecutionTimeLimit = " PT0H" # zero hours
33+ Set-ScheduledTask $Task
2734
2835# Restart the computer to apply changes
36+ # Needed for adding the computer to the domain from the user_data script
2937shutdown - r - t 10
You can’t perform that action at this time.
0 commit comments