mirror of
https://github.com/dockur/windows.git
synced 2025-10-27 19:35:49 +00:00
56 lines
No EOL
2.2 KiB
PowerShell
56 lines
No EOL
2.2 KiB
PowerShell
# scripts/dc_setup.ps1
|
|
|
|
# TODO: remove to avoid priv errors
|
|
# Start-Transcript -Path "$env:TEMP\transcript.log" -Force
|
|
|
|
# --- Script Parameters ---
|
|
$DomainName = "ttpl.local"
|
|
$DomainNetbiosName = "TTPL"
|
|
$AdminPassword = "P@raveeen123" # Use a secure method in production
|
|
|
|
# TODO: features may be already installed, but check if domain is other than WORKGROUP
|
|
# --- Idempotency Check: Exit if already a Domain Controller ---
|
|
# Write-Host "Checking if this server is already a Domain Controller..."
|
|
# if ((Get-WindowsFeature -Name AD-Domain-Services).Installed) {
|
|
# Write-Host "Active Directory Domain Services are already installed. Exiting script."
|
|
# exit
|
|
# }
|
|
Write-Host "Server is not a DC. Proceeding with configuration."
|
|
|
|
# --- 1. Network Configuration ---
|
|
Write-Host "Configuring static IP address..."
|
|
$ipAddress = "192.168.10.20"
|
|
$subnetMask = "255.255.255.0"
|
|
$gateway = "192.168.10.1"
|
|
$dnsServer = "127.0.0.1" # The DC is its own DNS server
|
|
|
|
# TODO: MSFT doc uses New-NetIPAddress, but it fails if IP already exists fixit
|
|
Get-NetAdapter | ForEach-Object {
|
|
$_ | New-NetIPAddress -AddressFamily IPv4 -IPAddress $ipAddress -PrefixLength 24 -DefaultGateway $gateway
|
|
$_ | Set-DnsClientServerAddress -ServerAddresses $dnsServer
|
|
}
|
|
Write-Host "Static IP configured."
|
|
|
|
# --- 2. Install Active Directory Domain Services ---
|
|
Write-Host "Installing AD-Domain-Services role..."
|
|
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
|
|
|
|
# --- 3. Promote to Domain Controller ---
|
|
Write-Host "Promoting server to a Domain Controller for '$DomainName'..."
|
|
$securePassword = ConvertTo-SecureString $AdminPassword -AsPlainText -Force
|
|
|
|
Install-ADDSForest `
|
|
-CreateDnsDelegation:$false `
|
|
-DatabasePath "C:\WINDOWS\NTDS" `
|
|
-DomainMode "Win2025" ` # Using a more compatible default
|
|
-DomainName $DomainName `
|
|
-DomainNetbiosName $DomainNetbiosName `
|
|
-ForestMode "Win2025" `
|
|
-InstallDns:$true `
|
|
-LogPath "C:\WINDOWS\NTDS" `
|
|
-SysvolPath "C:\WINDOWS\SYSVOL" `
|
|
-Force:$true `
|
|
-SafeModeAdministratorPassword $securePassword
|
|
|
|
# The promotion process will automatically trigger a reboot.
|
|
Write-Host "Configuration complete. The server will restart automatically." |