Download
$UserCredential = Get-Credential #SecurityGroupNameSFDSSEC $SecurityGroupNameSFDSSEC = "FSLogix_Share_Elevated_Contributor" #SecurityGroupNameSFDSSC $SecurityGroupNameSFDSSC = "WVD_Users" #resourceGroupName variables Write-Host "Please type Azure Resource Group Name " -NoNewline Write-Host " [LOOK OUT!!! NO SPACES] " -ForegroundColor Red -NoNewline $resourceGroupName = Read-Host #resourceGroupName variables Write-Host "Please type the Azure Storage Account Name " -NoNewline Write-Host " [LOOK OUT!!! ITs MUST BE UNIGUE and NO SPACES] " -ForegroundColor Red -NoNewline $storageAccountName = Read-Host #shareName variables Write-Host "Please type the Azure Storage Share Name " -NoNewline Write-Host " [LOOK OUT!!! NO SPACES and LOWERCASE] " -ForegroundColor Red -NoNewline $shareName = Read-Host #$FileShareSize variables Write-Host "Please type the File Share Size in GB " -NoNewline Write-Host " [LOOK OUT!!! ONLY NUMBERS] " -ForegroundColor Red -NoNewline $FileShareSize = Read-Host #subscriptions variables $subscriptions = Read-Host "Please type the Azure Subscriptions ID" #Activate rights on Azure AD Group variables $SFDSSC = Get-AzRoleDefinition "Storage File Data SMB Share Contributor" $SFDSSEC = Get-AzRoleDefinition "Storage File Data SMB Share Elevated Contributor" $scope = "/subscriptions/$subscriptions/resourceGroups/$resourceGroupName/providers/Microsoft.Storage/storageAccounts/$storageAccountName/fileServices/default/fileshares/$shareName" Connect-AzureAD -Credential $UserCredential #Create a Azure AD Group for FSLogix Share Elevated Contributor New-AzureADMSGroup -Description $SecurityGroupNameSFDSSEC -DisplayName $SecurityGroupNameSFDSSEC -MailEnabled $false -SecurityEnabled $true -MailNickname $SecurityGroupNameSFDSSEC -GroupTypes "DynamicMembership" -MembershipRule ' (User.userPrincipalName -match "WVD@domain.onmicrosoft.com")' -MembershipRuleProcessingState "On" $objectIdSFDSSEC = (Get-AzureADGroup -Filter "DisplayName eq '$SecurityGroupNameSFDSSEC'").objectId #Create a Azure AD Group for WVD Users New-AzureADMSGroup -Description $SecurityGroupNameSFDSSC -DisplayName $SecurityGroupNameSFDSSC -MailEnabled $false -SecurityEnabled $true -MailNickname $SecurityGroupNameSFDSSC -GroupTypes "DynamicMembership" -MembershipRule 'All users' -MembershipRuleProcessingState "On" $objectIdSFDSSC = (Get-AzureADGroup -Filter "DisplayName eq '$SecurityGroupNameSFDSSC'").objectId # Create a new Resource Group New-AzResourceGroup -Name $resourceGroupName -Location "westeurope" ##### Create a new Storage Account Premium_LRS ###### ##New-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -Location "westeurope" -SkuName Premium_LRS -Kind FileStorage -EnableAzureActiveDirectoryDomainServicesForFile $true ##### Create a new Storage Account Premium_LRS ###### ##### Create a new Storage Account Standard_LRS ###### ##New-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -Location "westeurope" -SkuName Standard_LRS -Kind StorageV2 -EnableAzureActiveDirectoryDomainServicesForFile $true ##### Create a new Storage Account Standard_LRS ###### # Obtain Account Key for new Storage Account $storageKey = (Get-AzStorageAccountKey -ResourceGroupName $resourceGroupName -Name $storageAccountName).Value[0] # Set context to new Storage Account $storageContext = New-AzStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $storageKey # Create new File Share within the Storage Account New-AzStorageShare -Name $shareName -Context $storageContext # Resize the newly created File Share Set-AzStorageShareQuota -ShareName $shareName -Context $Context -Quota $FileShareSize # Set rights on Share With Azure AD Group New-AzRoleAssignment -ObjectId $objectIdSFDSSC -RoleDefinitionName $SFDSSC.Name -Scope $scope New-AzRoleAssignment -ObjectId $objectIdSFDSSEC -RoleDefinitionName $SFDSSEC.Name -Scope $scope