Have I mentioned that I love PowerShell? Yes? Thought so...
Here's YET ANOTHER reason why I love PowerShell. Take a look at how easy it is to create an Active Directory forest:
Step 1 - Install Binaries on Server
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
This primes our server for promotion...
Step 2 - Promote Server to DC in New Forest
$AdminPassword = "6T7Ge9p15TiBiGtEah54mK"
Install-ADDSForest -CreateDnsDelegation:$False `
-DatabasePath "Z:\Windows\NTDS" `
-DomainMode "Win2012R2" `
-DomainName "fabrikam.com" `
-DomainNetbiosName "fabrikam" `
-ForestMode "Win2012R2" `
-LogPath "Z:\Windows\NTDS" `
-SysvolPath "Z:\Windows\SYSVOL" `
-SafeModeAdministratorPassword ($AdminPassword | ConvertTo-SecureString -AsPlainText -Force) `
This promotes our server as the first Domain Controller in a new forest. Let's look at those parameters:
- CreateDNSDelegation - not necessary as we're spinning up a new forest
- DatabasePath - where to find NTDS.dit
- DomainMode - the domain functional level
- DomainName - FQDN of the top-level domain
- DomainNetbiosName - FQDN of the domain
- ForestMode - the forest functional level
- InstallDns - yes, please!
- LogPath - where to find the install log
- NoRebootOnCompletion - we need to reboot, otherwise no forest
- SysvolPath - where to find our friendly, neighbourhood SYSVOL
- Force - use the... yes, really!
- SafeModeAdministratorPassword - how we boot into DSRM
- SkipPreChecks - see below...
I include SkipPreChecks because I've usually run the Test-ADDSForestInstallation cmdlet to check I'm good to go.
Isn't it Valentine's Day soon?
What's that? I've missed it?!
Ah, that explains the recent frosty atmosphere in the PoSh abode...