Powershell

One of the little things I did for fun a while back was setup a Server 2008 Core box as a stand Alone DC.   I kept thinking to myself “Oh won’t this be cool! Other admins can’t mess with my stuff!”

In truth a Server 2008 R2 Core box as your DC makes perfect sense.   Really what IS the box supposed to do?  Hold Active Directory.   You don’t NEED a GUI to hold that.   But in R2 it’s even better with Powershell.   We have the option to manage that box without an external GUI (You still can).  But using Powershell it’s all easily repeatable.

Imagine this.  You’re on an airplane.   HR has just emailed you a list of 50 new people that need to have accounts ready in four hours.  Why?  Big data entry project and they’ve decided (Without asking you of course, because that NEVER happens) that these 50 people need to be prepped on Active Directory.

With Powershell you can actually Run that remotely on the server over a slow WAN link.  Even on a REALLY bad server, it would only take a minute to copy paste that CSV and execute it.

Cool?  Trying doing THAT on a GUI!

So let’s look at the first part, making a Server 2008R2 Core box into a DC.   This is actually easy.  You still use the same command, “DCPROMO.EXE”. The only difference is you supply the parameters. 

There are two ways to do it, one is an answerfile (A text file the DRPROMO calls up with all the parameters) or you CAN just type it directly into the line (which I think is pretty darn cool!)

To find out what parameters you can pass to DCPromo you can pull up this Technet Article which provides some good instruction. 

But in a pinch (since I’ll typically not have internet, it’s slow or … well… I’m LAZY, I can run THIS command in a command prompt

DCPROMO /?:Promotion

Which will show me all the parameters required for the Promotion of a Domain Controller. 

So again, two ways.   The First manner is typing it all in the Command line in one shot (Nerdy Cool)

So for the following setup

NETBIOS Name : CONTOSO-INC

DNS Name : HEADOFFICE.CONTOSO.COM

SafeModePassword : BadPassword4You

Admin Password : Prompted

DCPROMO /ReplicaOrNewDomain:Domain /DomainLevel:4
/DomainNetBiosName:CONTOSO-INC
/InstallDNS:Yes /NewDomain:Forest
/NewDomainDNSName:HeadOffice.CONTOSO.Com
/Password:* /RebootOnCompletion:Yes /RebootOnSuccess:Yes
/SafeModeAdminPassword:"BadPassword4You"

Now looking at that, THAT is a mouthful.   And truly chances a typo, which is why the ANSWER.TXT file is preferred by many.  To use the Answer.Txt file for promoting the name just fire up notepad and key in the following details for the same Domain.  This Article on Technet references the fight format for the Unattended answer file.

[DCINSTALL]
ReplicaOrNewDomain=Domain
DomainLevel=4
DomainNetBiosName=CONTOSO-INC
InstallDNS=Yes
NewDomain=Forest
NewDomainDNSName=HeadOffice.CONTOSO.Com
Password=*
RebootOnCompletion=No
RebootOnSuccess=No
SafeModeAdminPassword="BadPassword4You"

If you save this text file as DOMAINANSWER.TXT and run the command

DCPROMO /UNATTEND:DOMAINANSWER.TXT

This will create on a Server 2008R2 Core box a BRAND NEW Domain called “CONTOSO-INC” with a DNS name of “HEADOFFICE.CONTOSO.COM”.  It will install the needed DNS and reboot when done

Next time we’ll look at MANAGING that Domain with JUST Powershell on the same box.   GUI is an option, but it’s nice the know we can do it all from Powershell.

 

The Power of Shell is in YOU

Sean
The Energized Tech

Advertisements