How to join an Active Directory domain with PowerShell DSC
To support me, you can subscribe to the channel, share and like the videos, disable your ad blocker, purchase my 3D plans, or make a donation or subscribe on Ko-Fi. Thank you!
Hello,
Fourth and final article presenting different methods for installing Active Directory:
- Installing Microsoft Active Directory via the graphical interface (server 2012, 2012r2, 2016, 2019, 2022)
- Install Microsoft Active Directory via the dcpromo command(server 2003, 2008, 2008r2, 2012, 2012r2, 2016, 2019, 2022)
- Install Microsoft Active Directory via Powershell (server 2012, 2012r2, 2016, 2019, 2022)
- Installing Microsoft Active Directory via Powershell DSC (server 2016, 2019, 2022)
You can also install a domain using DSC (Desired State Configuration).
The corresponding DSC modules are required.
In this example, DSC will rename the machine, give it a fixed IP, and install and configure the Active Directory role.
Note: In production, remember to change the password for restoring directory services (DSRM) and the password for the administrator account, especially read the documentation on password management in DSC.
# Installing DSC modules.$module = @( 'networkingdsc', 'activedirectorydsc', 'ComputerManagementdsc' )Install-module $module -force# This is a demo code, for production, review the management of identifiers# and read the Microsoft documentation on DSC and the storage of identifiers.# Identifiers for installing the domain and for DSRM$passwd = ConvertTo-SecureString 'P@ssword' -AsPlainText -Force$id = New-Object System.Management.Automation.PSCredential('administrateur',$passwd)# DSC engine configuration[DSCLocalConfigurationManager()]configuration LCMConfig{ Node localhost { settings { ActionAfterReboot = 'ContinueConfiguration' ConfigurationMode = 'ApplyOnly' RebootNodeIfNeeded = $true } }}LCMConfigSet-DscLocalConfigurationManager -ComputerName localhost -Force -Verbose -path .\LCMConfig# To avoid errors when using identifiers in DSC$configData = @{ AllNodes = @( @{ NodeName = 'localhost'; PSDscAllowPlainTextPassword = $true } ) }# Création de la configuration DSCconfiguration Demo-AD{ param ( [string[]]$NodeName ='localhost', [Parameter(Mandatory)][string]$ComputerName, [Parameter(Mandatory)][string]$DomainName, [Parameter(Mandatory)][string]$IP, [Parameter()]$cred=$id ) # Import des ressources DSC Import-DscResource -Module ActiveDirectoryDSC Import-DscResource -Module NetworkingDSC Import-DscResource -Module ComputerManagementDSC Import-DscResource -Module PSDesiredStateConfiguration Node $NodeName { Computer NewNameAndWorkgroup { Name = $ComputerName }
WindowsFeature ADDSInstall { Ensure = 'Present' Name = 'AD-Domain-Services' IncludeAllSubFeature = $true } WindowsFeature RSATTools { DependsOn= '[WindowsFeature]ADDSInstall' Ensure = 'Present' Name = 'RSAT-AD-Tools' IncludeAllSubFeature = $true } IPAddress NewIPAddress { IPAddress = $IP InterfaceAlias = 'Ethernet' AddressFamily = 'IPV4' } ADDomain SetupDomain { Credential = $cred DomainName = $DomainName SafemodeAdministratorPassword = $cred DependsOn ='[WindowsFeature]RSATTools' ForestMode = 'WinThreshold' } }}# Creating the DSC configuration fileDemo-AD -ComputerName DC1 -DomainName domaine.tld -ip '192.168.10.1/24' -ConfigurationData $configData# Application of the DSC fileStart-DscConfiguration -ComputerName localhost -Wait -Force -Verbose -path .\Demo-AD -DebugFind out more about DSC:
https://docs.microsoft.com/en-us/powershell/scripting/dsc/overview/dscforengineers?view=powershell-5.1
Video : How to join an Active Directory domain with PowerShell DSC
Related links
How to install Active Directory via the graphical interface
First of four articles showcasing different methods for installing Active DirectoryHow to join an Active Directory domain with PowerShell DSC
How to join an Active Directory domain with PowerShell DSCHow to install Active Directory using Powershell
This is the third of four articles presenting different methods of installing Active DirectoryHow to install Active Directory using the dcpromo command
Second of four articles presenting different methods for installing Active DirectoryFix an Active Directory sign-on approval relationship error
How to fix a sign-on approval relationship error in Active DirectoryHow to create a multiboot USB key with the Ventoy tool
It's useful to have a multiboot USB stick containing operating system images or troubleshooting tools that you can boot from if you need to
Follow me on
Support me
E-shop
Last content
Powershell - Simply send objects to different variables
Portsmouth Vintage Travel poster - hueforge
Andalucia vintage poster - hueforge
Paris Travel poster - hueforge