|
| 1 | +# Overview |
| 2 | + |
| 3 | +This script installs a pay-as-you-go SQL Server instance on your machine and automatically connects it to Azure using a downloaded SQL Server media. |
| 4 | + |
| 5 | +# Prerequisites |
| 6 | + |
| 7 | +- You have met the [onboarding prerequisites](https://learn.microsoft.com/sql/sql-server/azure-arc/prerequisites). |
| 8 | +- You have downloaded a SQL Server image file from the workspace provided by Microsoft technical support. To obtain it, open a support request using the "Get SQL Installation Media" subcategory and specify the desired version and edition. |
| 9 | +- You are logged in to the machine with an administrator account. |
| 10 | +- If you are installing SQL Server on Windows Server 2016, you have a secure TLS configuration as described below. |
| 11 | + |
| 12 | + |
| 13 | +# Mitigating the TLS version issue on Windows Server 2016 |
| 14 | + |
| 15 | +When running the script on Windows Server 2016, the OS may be configured with a TLS version that does not meet the Azure security requirements. You need to enable strong TLS versions (TLS 1.2 and 1.3) when they are available, while still supporting older TLS versions (1.0 and 1.1) when TLS 1.2 and 1.3 are unavailable. You need to also disable versions SSL2 and SSL3, which are insecure. |
| 16 | + |
| 17 | +To see if you need to make the change, run the command below from an elevated PowerShell prompt. |
| 18 | +```PowerShell |
| 19 | +[Net.ServicePointManager]::SecurityProtocol |
| 20 | +``` |
| 21 | + |
| 22 | +If the result is `SSL3, Tls`, you need to fix the TLS version by running the following commands. |
| 23 | + |
| 24 | +```PowerShell |
| 25 | +Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord |
| 26 | +Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord |
| 27 | +``` |
| 28 | + |
| 29 | +After running these commands, reboot the machine (in case currently-running applications were referencing previous values). To verify that the changes were applied correctly, run this command again: |
| 30 | + |
| 31 | +```PowerShell |
| 32 | +[Net.ServicePointManager]::SecurityProtocol |
| 33 | +``` |
| 34 | +The result should be `Tls, Tls11, Tls12, Tls13` |
| 35 | + |
| 36 | +# Downloading the script |
| 37 | + |
| 38 | +To download the script to your current folder run: |
| 39 | + |
| 40 | +```console |
| 41 | +curl https://raw.githubusercontent.com/microsoft/sql-server-samples/master/samples/manage/azure-arc-enabled-sql-server/install-payg-sql-server/install-payg-sql-server.ps1 -o install-payg-sql-server.ps1 |
| 42 | +``` |
| 43 | + |
| 44 | +# Launching the script |
| 45 | + |
| 46 | +The script must be run in an elevated PowerShell session. It accepts the following command line parameters: |
| 47 | + |
| 48 | +| **Parameter** | **Value** | **Description** | |
| 49 | +|:--|:--|:--| |
| 50 | +|-AzureSubscriptionId|subscription_id|Required: Subscription id that will contain the Arc-enabled machine and Arc-enable SQL Server resources. That subscription will be billed for SQL Server software using a pay-as-you-go method. | |
| 51 | +|-AzureResourceGroup |resource_group_name|Required: Resource group that will contain the Arc-enabled machine and Arc-enable SQL Server resource.| |
| 52 | +|-AzureRegion |region name| Required: the region to store the machuine and SQL Server meta-data. | |
| 53 | +|-SqlServerInstanceName | name of the instance|Optional: the machine name will be used if not specified| |
| 54 | +|-SqlServerAdminAccounts | SQL Server admin accounts | Optional. By default "BUILTIN\ADMINISTRATORS" will be used.| |
| 55 | +|-SqlServerSvcAccount| SQL Server services account |Optional. By default "NT AUTHORITY\NETWORK SERVICE" will be used.| |
| 56 | +|-SqlServerSvcPassword| SQL Server service account password| Required if a custom service account is specified.| |
| 57 | +|-AgtServerSvcAccount|SQL Agent service account|Optional. By default "NT AUTHORITY\NETWORK SERVICE" will be used.| |
| 58 | +|-AgtServerSvcPassword|SQL Agent service account password|Required if a custom service account is specified.| |
| 59 | +|-IsoFolder|Folder path|Required. The folder containing the files downloaded from the workspace.| |
| 60 | +|-Proxy|HTTP proxy URL|Optional. Needed if your networks is configured with an HTTP proxy.| |
| 61 | + |
| 62 | +# Example |
| 63 | + |
| 64 | +The following command installs a SQL Server instance from the Downloads folder, connects it to subscription ID `<sub_id>`, resource group `<resource_group>` in the West US region, and configures it with LicenseType=PAYG. It uses the default admin and service accounts, and uses a direct connection to Azure. |
| 65 | + |
| 66 | +```PowerShell |
| 67 | +.\install-payg-sql-server.ps1 -AzureSubscriptionId <sub_id> -AzureResourceGroup <resource_group> -AzureRegion westus -IsoFolder C:\Users\[YourUsername]\Downloads |
| 68 | +
|
| 69 | +``` |
0 commit comments