-
Notifications
You must be signed in to change notification settings - Fork 141
ADDomain
johlju edited this page Aug 8, 2019
·
6 revisions
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| DomainName | Key | String | The fully qualified domain name (FQDN) of the new domain. | |
| Credential | Required | PSCredential | Specifies the user name and password that corresponds to the account used to install the domain controller. | |
| SafemodeAdministratorPassword | Required | PSCredential | Password for the administrator account when the computer is started in Safe Mode. | |
| ParentDomainName | Write | String | Fully qualified domain name (FQDN) of the parent domain. | |
| DomainNetbiosName | Write | String | NetBIOS name for the new domain. | |
| DnsDelegationCredential | Write | PSCredential | Credential used for creating DNS delegation. | |
| DatabasePath | Write | String | Path to a directory that contains the domain database. | |
| LogPath | Write | String | Path to a directory for the log file that will be written. | |
| SysvolPath | Write | String | Path to a directory where the Sysvol file will be written. | |
| ForestMode | Write | String | The Forest Functional Level for the entire forest. | Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold |
| DomainMode | Write | String | The Domain Functional Level for the entire domain. | Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold |
The ADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see TechNet.
- Target machine must be running Windows Server 2008 R2 or later.
This configuration will create a new domain with a new forest and a forest functional level of Server 2016.
Configuration ADDomain_NewForest_Config
{
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[System.Management.Automation.PSCredential]
$Credential,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[System.Management.Automation.PSCredential]
$SafeModePassword
)
Import-DscResource -ModuleName PSDscResources
Import-DscResource -ModuleName ActiveDirectoryDsc
node 'localhost'
{
WindowsFeature 'ADDS'
{
Name = 'AD-Domain-Services'
Ensure = 'Present'
}
WindowsFeature 'RSAT'
{
Name = 'RSAT-AD-PowerShell'
Ensure = 'Present'
}
ADDomain 'contoso.com'
{
DomainName = 'contoso.com'
Credential = $Credential
SafemodeAdministratorPassword = $SafeModePassword
ForestMode = 'WinThreshold'
}
}
}This configuration will create a new child domain in an existing forest with a Domain Functional Level of Windows Server 2012R2.
Configuration ADDomain_NewChildDomain_Config
{
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[System.Management.Automation.PSCredential]
$Credential,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[System.Management.Automation.PSCredential]
$SafeModePassword
)
Import-DscResource -ModuleName PSDscResources
Import-DscResource -ModuleName ActiveDirectoryDsc
node 'localhost'
{
WindowsFeature 'ADDS'
{
Name = 'AD-Domain-Services'
Ensure = 'Present'
}
WindowsFeature 'RSAT'
{
Name = 'RSAT-AD-PowerShell'
Ensure = 'Present'
}
ADDomain 'child'
{
DomainName = 'child'
Credential = $Credential
SafemodeAdministratorPassword = $SafeModePassword
DomainMode = 'Win2012R2'
ParentDomainName = 'contoso.com'
}
}
}- ADComputer
- ADDomain
- ADDomainController
- ADDomainControllerProperties
- ADDomainDefaultPasswordPolicy
- ADDomainFunctionalLevel
- ADDomainTrust
- ADFineGrainedPasswordPolicy
- ADForestFunctionalLevel
- ADForestProperties
- ADGroup
- ADKDSKey
- ADManagedServiceAccount
- ADObjectEnabledState
- ADObjectPermissionEntry
- ADOptionalFeature
- ADOrganizationalUnit
- ADReadOnlyDomainControllerAccount
- ADReplicationSite
- ADReplicationSiteLink
- ADReplicationSubnet
- ADServicePrincipalName
- ADUser
- Home
- WaitForADDomain