Windows Server Active Directory Powershell Microsoft Exchange

Exchange 2013 Lab Tutorial: Part 2: AD Domain Controller and Installation

Andy Grogan

In the previous part of this series (Part 1), I took you through to the point where you now have a basic Hyper-V guest which can be used as the domain controller for your Exchange 2013 Test Lab. In this part I would like to take you through how you can install Active Directory on that guest machine.

Now it is important to note that the process of installing AD on Windows Server 2012 is very different to previous versions of Windows. In versions of Windows from 2000 through to 2008R2 it was as simple as dropping to a command line and typing “DCPROMO” – but in Windows 2012 DCPROMO has been depreciated. You can type it in – but you will be told to use the Server Manager to perform an install of Active Directory Domain Services.

You can use the Server Manager to install Active Directory (but where is the fun in that?) – so, you guessed it – you can also use PowerShell.

So for the purposes of this article in the series I decided to write an Powershell automation script for the installation of Active Directory on the domain controller in our LAB.

As I said you can use the GUI – but I personally found that Powershell was quicker and less cumbersome.

Active Directory Installation Script

You can download the script from the link provided in the Download section below – or copy and paste it to your Guest Machine from the Script section.

Remember that this script is only designed for the following scenarios:

Creating a new forest
Creating a new domain
Promoting your VM to a domain controller

It should not be used to add a domain controller to an existing forest / domain.

The script performs the following actions:

Imports the ServerManager Modules (to allow for the add-WindowsFeature cmdlet to function)
Installs the AD-DOMAIN-SERVICES role and the management tools
Imports the ADDSDeployment module to allow for the configuration of Active Directory Services (after they have been installed)
Defines a function that uses the Install-ADDSForest cmdlet which accepts the following parameters:
- Directory Database Path
- Directory Log Path
- Directory SysVol Path
- The AD Domain Name
- The NetBIOS domain Name
Gets the above values from the user
Creates the Database, Log File and SysVol folder structure
Installs Active Directory Services

If you examine the script you will see a number of other parameters that are used in conjunction with the Install-ADDSForest cmdlet – these are as follows:

-DomainMode – this configures the Domain Functional Mode that the first domain (that the script creates) is configured to work under. The script configures this to be “Win2012”.
-ForestMode – This configures the Forest Functional Level for the test LAB – the script sets this to be “Win2012”.
-CreateDnsDelegation – (as per Microsoft) Indicates whether to create a DNS delegation that references the new DNS server that you are installing along with the domain controller. Valid for Active Directory-integrated DNS only. The default is computed automatically based on the environment. The script sets this to false.
-NoRebootonCompletion – Instruct the Install-ADDSForest cmdlet to either reboot or not reboot automatically – the script has this set to $true, which means that you will need to reboot manually after completion.

<# 
    Author: A.Grogan
    http://www.telnetport25.com
    Version 0.1
#>

Import-Module ServerManager
Write-Host "*******************************************************"
Write-Host "*"
Write-Host "* Windows 2012 - Prepare Active Directory Script"
Write-Host "* For Windows 2012 Servers Only"
Write-Host "* Version 0.1"
Write-Host "* Will prepare the first Forest, Domain and Domain Controller"
Write-Host "* on Windows Server 2012"
Write-Host "*******************************************************"
Write-Host ""
Write-Host "Installing Required Windows Feature" -ForegroundColor Cyan
Write-Host ""
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Import-Module ADDSDeployment


function inst_AD{

    param($DatabasePath,$LogPath,$SysVolPath,$DomainName,$DomainNETBIOS)
    Install-ADDSForest -DomainMode Win2012 -ForestMode Win2012 -DomainNetbiosName $DomainNETBIOS -CreateDnsDelegation:$false -DatabasePath "$DatabasePath" -DomainName "$DomainName" -InstallDns:$true -LogPath "$LogPath" -NoRebootOnCompletion:$true -SysvolPath "$SysVolPath"

}

Write-Host "Getting AD Information - please answer the following questions" -ForegroundColor White

$DName = Read-Host "Please provide domain name for you AD Installation"
$NetB = Read-Host "Please provide the NETBIOS name for this domain"
$DBPath = Read-Host "Please provide a path for the Directory Database"
$LPath = Read-Host "Please provide a parth for the Directory Logs"
$SVol = Read-Host "Please provide a path for the SysVol folder"
Write-Host ""
Write-Host "Creating Directories" -ForegroundColor Green
New-Item $DBPath -ItemType Directory -Force
New-Item $LPath -ItemType Directory -Force
New-Item $SVol -ItemType Directory -Force
Write-Host ""
inst_AD $DBPath $LPath $SVol $DName $NetB

Installing Active Directory on your Windows 2012 Domain Controller

In order to install Active Directory on the LAB domain controller – I downloaded the above script to my VM guest (well actually I wrote it on the Domain Controller; but you get what I mean).

Before you use the script in your environments you will need to ensure that your server’s Powershell execution policy is set to “RemoteSigned”.

Then open a Powershell console window and navigate to the location where the script is located on your VM, and type the following:

.\instADWindows2012.ps1

The script will then execute – firstly it will install the Active Directory Domain Services role and management tools and then it will prompt you for the DNS domain name for your AD domain. In my Lab I have used “artTest.local”

The script will then prompt you further for the following information:

NetBIOSName for the domain
Location of the Directory database (this MUST NOT have a trailing slash at the end)
Location of the Directory Logs (this MUST NOT have a trailing slash at the end)
Location of the Directory SysVOL folder (this MUST NOT have a trailing slash at the end)

You will be prompted for the “SafeModeAdministratorPassword” – this is the equivalent of the traditional “Directory Services Restore Mode” Password of old but can also be used when starting the Domain Controller in “Safe Mode”.

Andy5

You will then be asked to confirm that you wish for the installation process to configure your server as a domain controller – confirm with “Y” to continue.

Andy6

The Install-ADDSForest cmdlet will then continue with the installation of the Director Services on your domain controller.

Andy7

During the configuration you may see a number of warnings similar to those in the example below – these can be safely ignored as this is a test Lab that will only consist of Windows 2012 machines and no other DNS servers.

andy8

When the process has completed you will be presented with a short summary of the actions completed. You will need to reboot your VM.

andy9

To reboot the machine – type:

Restart-Computer

At the management shell prompt.

Andy10

Stay Tuned for Part 3

We are getting nearer the “sexy” parts in terms of Exchange 2013, however I will be focusing on installing Certificate Services on your new Domain Controller.

Andy Grogan

Andy Grogan [ MVP (Exchange) ]Andy is an experienced senior IT professional who is comfortable managing both large, complex technical IT environments and operating at the strategic IT direction level. He has a strong background in 3rd tier technical, data center operations management and solution design which has been built up over 16 years of experience within the IT industry in both private and public sectors - working with many frameworks and disciplines. During his career, Andy has held roles ranging from 1st and 2nd line support, head of 3rd line operations, and head of technical services all the way through head of IT. Holding such a diverse array of positions has given him a deep understanding not only of how IT organizations work from the ground level up, but how they can and should operate delivering quality services to the businesses which they support. Andy has a demonstrable track record in the design, sourcing, project management and implementation of large scale technical projects and a very eclectic technical experience base, founded predominately in Microsoft technologies (Exchange, AD, SQL, SCOM, Windows Server). He has also worked with or managed the delivery of IBM (storage, P-Series and TSM), HP (servers and storage), Cisco (routers, switches, firewalls, IPT), VMWare (ESX, ESXi,VSphere), Citrix(MetaFrame,XPe,PS4,XenApp) and Data Center / IT operations management. Andy is a 4-time recipient of Microsoft’s Most Valued Professional award for Exchange Server (2009, 2010, 2011 and 2012), and a well-known author within the international Exchange community, writing content for sites such as TechTarget, MSExchange.org, ENow and his own personal site telnetport25.com.