This post is #7 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.
In this series so far:
Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
In this step we will set up Active Directory. This script has been inspired on http://blogs.technet.com/b/ashleymcglone/archive/2013/04/18/touch-free-powershell-dcpromo-in-windows-server-2012.aspx.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
#Set up Active Directory #source: http://blogs.technet.com/b/ashleymcglone/archive/2013/04/18/touch-free-powershell-dcpromo-in-windows-server-2012.aspx Function SetupActiveDirectory { Param( [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")] [ValidateNotNullOrEmpty()] $DomainName ) Write-Log -Verbose "Step 2: Set up Active Directory" try { Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools if ($global:DoAllTasks) { Set-Restart-AndResume $global:script "3" } } catch { Write-Log -Verbose "Failed to set up Active Directory. Error: $_.Exception.Message" } } Function SetupActiveDirectoryPart2 { Param( [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")] [ValidateNotNullOrEmpty()] $DomainName ) Write-Log -Verbose "Step 2: Set up Active Directory" try { Import-Module ADDSDeployment $dotposition = $DomainName.LastIndexOf('.') $netbiosname = $DomainName.Substring(0,$dotposition) $result = Install-ADDSForest -DomainName $DomainName -InstallDNS:$true -Confirm:$false -NoRebootOnCompletion:$true -Force:$true -DatabasePath "C:\Windows\NTDS" -DomainMode Win2012R2 -ForestMode Win2012R2 -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -DomainNetbiosName $netbiosname Write-Log -Verbose "Active Directory set up done" if ($global:DoAllTasks) { Set-Restart-AndResume $global:script "4" } } catch { Write-Log -Verbose "Failed to set up Active Directory. Error: $_.Exception.Message" } } |
Next step: configuring a very permissive password policy.