Automatically building a Microsoft BI machine using PowerShell – Active Directory Setup (post #7)
01 Dec 2015This post is #7 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.
In this series so far:
Start of series – introduction and layout of subjects Post #2 – Preparation: install files using Azure disk Post #3 – Preparation: install files using Azure File Service Post #4 –Preparation: logging infrastructure Post #5 – Master script Post #6 – Disabling Internet Explorer Enhanced Security Configuration
In this step we will set up Active Directory. This script has been inspired on http://blogs.technet.com/b/ashleymcglone/archive/2013/04/18/touch-free-powershell-dcpromo-in-windows-server-2012.aspx.
#Set up Active Directory #source: http://blogs.technet.com/b/ashleymcglone/archive/2013/04/18/touch-free-powershell-dcpromo-in-windows-server-2012.aspx Function SetupActiveDirectory { Param( [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")] [ValidateNotNullOrEmpty()] $DomainName ) Write-Log -Verbose "Step 2: Set up Active Directory" try { Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools if ($global:DoAllTasks) { Set-Restart-AndResume $global:script "3" } } catch { Write-Log -Verbose "Failed to set up Active Directory. Error: $_.Exception.Message" } } Function SetupActiveDirectoryPart2 { Param( [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")] [ValidateNotNullOrEmpty()] $DomainName ) Write-Log -Verbose "Step 2: Set up Active Directory" try { Import-Module ADDSDeployment $dotposition = $DomainName.LastIndexOf('.') $netbiosname = $DomainName.Substring(0,$dotposition) $result = Install-ADDSForest -DomainName $DomainName -InstallDNS:$true -Confirm:$false -NoRebootOnCompletion:$true -Force:$true -DatabasePath "C:\Windows\NTDS" -DomainMode Win2012R2 -ForestMode Win2012R2 -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -DomainNetbiosName $netbiosname Write-Log -Verbose "Active Directory set up done" if ($global:DoAllTasks) { Set-Restart-AndResume $global:script "4" } } catch { Write-Log -Verbose "Failed to set up Active Directory. Error: $_.Exception.Message" } }
Next step: configuring a very permissive password policy.