How to join an Active Directory domain with PowerShell DSC
To support me, you can subscribe to the channel, share and like the videos, disable your ad blocker or make a donation. Thank you!
Hello,
Fourth and final article presenting different methods for installing Active Directory:
- Installing Microsoft Active Directory via the graphical interface (server 2012, 2012r2, 2016, 2019, 2022)
- Install Microsoft Active Directory via the dcpromo command(server 2003, 2008, 2008r2, 2012, 2012r2, 2016, 2019, 2022)
- Install Microsoft Active Directory via Powershell (server 2012, 2012r2, 2016, 2019, 2022)
- Installing Microsoft Active Directory via Powershell DSC (server 2016, 2019, 2022)
You can also install a domain using DSC (Desired State Configuration).
The corresponding DSC modules are required.
In this example, DSC will rename the machine, give it a fixed IP, and install and configure the Active Directory role.
Note: In production, remember to change the password for restoring directory services (DSRM) and the password for the administrator account, especially read the documentation on password management in DSC.
# Installing DSC modules.$module = @( 'networkingdsc', 'activedirectorydsc', 'ComputerManagementdsc' )Install-module $module -force# This is a demo code, for production, review the management of identifiers# and read the Microsoft documentation on DSC and the storage of identifiers.# Identifiers for installing the domain and for DSRM$passwd = ConvertTo-SecureString 'P@ssword' -AsPlainText -Force$id = New-Object System.Management.Automation.PSCredential('administrateur',$passwd)# DSC engine configuration[DSCLocalConfigurationManager()]configuration LCMConfig{ Node localhost { settings { ActionAfterReboot = 'ContinueConfiguration' ConfigurationMode = 'ApplyOnly' RebootNodeIfNeeded = $true } }}LCMConfigSet-DscLocalConfigurationManager -ComputerName localhost -Force -Verbose -path .\LCMConfig# To avoid errors when using identifiers in DSC$configData = @{ AllNodes = @( @{ NodeName = 'localhost'; PSDscAllowPlainTextPassword = $true } ) }# Création de la configuration DSCconfiguration Demo-AD{ param ( [string[]]$NodeName ='localhost', [Parameter(Mandatory)][string]$ComputerName, [Parameter(Mandatory)][string]$DomainName, [Parameter(Mandatory)][string]$IP, [Parameter()]$cred=$id ) # Import des ressources DSC Import-DscResource -Module ActiveDirectoryDSC Import-DscResource -Module NetworkingDSC Import-DscResource -Module ComputerManagementDSC Import-DscResource -Module PSDesiredStateConfiguration Node $NodeName { Computer NewNameAndWorkgroup { Name = $ComputerName }
WindowsFeature ADDSInstall { Ensure = 'Present' Name = 'AD-Domain-Services' IncludeAllSubFeature = $true } WindowsFeature RSATTools { DependsOn= '[WindowsFeature]ADDSInstall' Ensure = 'Present' Name = 'RSAT-AD-Tools' IncludeAllSubFeature = $true } IPAddress NewIPAddress { IPAddress = $IP InterfaceAlias = 'Ethernet' AddressFamily = 'IPV4' } ADDomain SetupDomain { Credential = $cred DomainName = $DomainName SafemodeAdministratorPassword = $cred DependsOn ='[WindowsFeature]RSATTools' ForestMode = 'WinThreshold' } }}# Creating the DSC configuration fileDemo-AD -ComputerName DC1 -DomainName domaine.tld -ip '192.168.10.1/24' -ConfigurationData $configData# Application of the DSC fileStart-DscConfiguration -ComputerName localhost -Wait -Force -Verbose -path .\Demo-AD -DebugFind out more about DSC:
https://docs.microsoft.com/en-us/powershell/scripting/dsc/overview/dscforengineers?view=powershell-5.1
Video : How to join an Active Directory domain with PowerShell DSC
Related links
How to install Active Directory via the graphical interface
First of four articles showcasing different methods for installing Active DirectoryHow to join an Active Directory domain with PowerShell DSC
How to join an Active Directory domain with PowerShell DSCHow to install Active Directory using Powershell
This is the third of four articles presenting different methods of installing Active DirectoryHow to install Active Directory using the dcpromo command
Second of four articles presenting different methods for installing Active DirectoryFix an Active Directory sign-on approval relationship error
How to fix a sign-on approval relationship error in Active DirectoryHow to create a multiboot USB key with the Ventoy tool
It's useful to have a multiboot USB stick containing operating system images or troubleshooting tools that you can boot from if you need to
Follow me on
Support me
Last content
Powershell - Export-Csv versus Export-Clixml
Powershell - Overview of Where-Object basic syntax and its limitations
Powershell - Hyper-V - Give a custom name to a virtual network adapter
Powershell - How to add and view a GPO description
Powershell - Displaying and changing the power mode in Windows
Powershell - Adding a line to a file from a specific line
Windows 11 - how to organise your Start menu
Overview of the different types of application in Windows
Windows - Get remote help easily with Quick Assist
How to add and change languages in Windows 10 and Windows 11