PowerShell script om Windows Server 2019 of 2022 in te stellen als Domain Controller.
LET OP: Zet dit script in C:\Scripts\ van de VM en sla het daarin op als: 2_InstallAD.ps1
Dit script wordt dan aangeroepen vanuit het script 1_PrepareDC.ps1
Auteur: Marcel Runte
Datum: 01-2024
# Script als RunAs Administrator runnen
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
Start-Process PowerShell -Verb RunAs "-NoProfile -ExecutionPolicy Bypass -Command `"cd '$pwd'; & '$PSCommandPath';`"";
exit;
}
# Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
#Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Bypass -Force
<# Installatie en configuratie van de server tot Domain Controller #>
$DomainName = "GenG.LOCAL"
$DomainNetBiosName= "GenG"
$SafemodePW = ConvertTo-SecureString -string "Welkom!123" -AsPlainText -Force
Write-Host -ForegroundColor Green 'Active Directory en DNS installeren...'
Write-Host -ForegroundColor Yellow 'Negeer de WARNING-berichten en wacht geduldig af.'
Write-Host -ForegroundColor Green 'De server herstart automatisch als Active Directory is geïnstalleerd!'
$Null = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
$Null = Install-WindowsFeature DNS -IncludeManagementTools
#Server promoten naar Domain Controller
Write-Host -ForegroundColor Green 'Server tot Domain Controller promoten...'
$Null = Install-ADDSForest -DomainName $DomainName -DomainNetBiosName $DomainNetBiosName -CreateDnsDelegation:$false -InstallDns:$true -SafeModeAdministratorPassword $SafemodePW -NoRebootOnCompletion:$false -Force
# AutoLogon weer uitschakelen
# $username = 'geng\administrator'
$username = '$DomainNetBiosName\Administrator'
#$password = 'Pa$$w0rd'
#$password = Get-Content C:\Scripts\pw.txt
$RegistryLocation = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
Remove-ItemProperty $RegistryLocation -Name 'AutoAdminLogon'
Remove-ItemProperty $RegistryLocation -Name 'DefaultUsername'
Remove-ItemProperty $RegistryLocation -Name 'DefaultPassword'
# De gebruiker 'SQLAgent' aanmaken voor de SQL Agent service
function Set-RunOnce
{
[CmdletBinding()]
param
(
#The Name of the Registry Key in the Autorun-Key.
[string]
$KeyName = 'Run',
#Command to run
[string]
$Command = '%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -file C:\Scripts\3_AddSQLServerAccount.ps1'
)
if (-not ((Get-Item -Path HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce).$KeyName ))
{
New-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce' -Name $KeyName -Value $Command -PropertyType ExpandString
}
else
{
Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce' -Name $KeyName -Value $Command -PropertyType ExpandString
}
}
# De Functie 'Set-RunOnce' aanroepen om na de herstart het SQL Server Agent account in de AD aan te maken
$Null = Set-RunOnce
Write-Host -Foregroudcolor Blue 'De gebruiker "SQLAgent" wordt na de reboot in de AD aangemaakt.'
Start-Sleep 10
Add-Content -Path C:\Users\Administrator\Desktop\Uitzetten.ps1 -Value "Stop-Computer"
Write-Host 'Installatie afronden...' -ForegroundColor Green
Write-Host 'De computer herstart automatisch!'
Write-Host '.'
Start-Sleep -s 60
Restart-Computer