Create AD Forest with PowerShell


Have I mentioned that I love PowerShell? Yes? Thought so...

Here's YET ANOTHER reason why I love PowerShell. Take a look at how easy it is to create an Active Directory forest:

Step 1 - Install Binaries on Server

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

  

This primes our server for promotion...

 

Step 2 - Promote Server to DC in New Forest

$AdminPassword = "6T7Ge9p15TiBiGtEah54mK"

Install-ADDSForest -CreateDnsDelegation:$False `

-DatabasePath "Z:\Windows\NTDS" `

-DomainMode "Win2012R2" `

-DomainName "fabrikam.com" `

-DomainNetbiosName "fabrikam" `

-ForestMode "Win2012R2" `

-InstallDns:$True `

-LogPath "Z:\Windows\NTDS" `

-NoRebootOnCompletion:$False `

-SysvolPath "Z:\Windows\SYSVOL" `

-Force:$True `

-SafeModeAdministratorPassword ($AdminPassword | ConvertTo-SecureString -AsPlainText -Force) `

-SkipPreChecks

 

This promotes our server as the first Domain Controller in a new forest. Let's look at those parameters:

  • CreateDNSDelegation - not necessary as we're spinning up a new forest
  • DatabasePath - where to find NTDS.dit
  • DomainMode - the domain functional level
  • DomainName - FQDN of the top-level domain
  • DomainNetbiosName - FQDN of the domain
  • ForestMode - the forest functional level
  • InstallDns - yes, please!
  • LogPath - where to find the install log
  • NoRebootOnCompletion - we need to reboot, otherwise no forest
  • SysvolPath - where to find our friendly, neighbourhood SYSVOL
  • Force - use the... yes, really!
  • SafeModeAdministratorPassword - how we boot into DSRM
  • SkipPreChecks - see below...

 

I include SkipPreChecks because I've usually run the Test-ADDSForestInstallation cmdlet to check I'm good to go. 

Isn't it Valentine's Day soon?

What's that? I've missed it?!

Ah, that explains the recent frosty atmosphere in the PoSh abode...

Comments (2)

  1. Anonymous says:

    Yes, it really is this easy to create a child Active Directory domain with PowerShell!

  2. anonymouscommenter says:

    We all should have a test lab. Individual, organisation or PoSh chicken: a test lab is a must.

Skip to main content