Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- param(
- [SecureString] $SafeModeAdministratorPassword = (ConvertTo-SecureString -String 'P4$$word' -AsPlainText -Force),
- [string] $DomainName = 'adds.localdev',
- [string] $DomainNetbiosName = 'ADDSLOCALDEV',
- [string] $DomainSuffix = 'DC=adds,DC=localdev',
- [string] $UserName = 'Luke.Carrier',
- [string] $UserFullName = 'Luke Carrier',
- [SecureString] $UserPassword = (ConvertTo-SecureString -String 'P4$$word' -AsPlainText -Force),
- [string] $RDHost = "$($env:ComputerName).$($env:UserDnsDomain)"
- )
- # Before running me...
- #
- # 1. Ensure that your two network adapters are configured:
- # a. First one as NAT, DHCP
- # b. Second one as Host-only, static IP
- Import-Module -Name ServerManager
- foreach ($module in @('ActiveDirectory', 'ADDSDeployment', 'RemoteDesktop')) {
- try {
- Import-Module -Name $module
- } catch {
- Write-Debug "Unable to import $($module) module -- is it installed yet?"
- }
- }
- Set-StrictMode -Version Latest
- $ErrorActionPreference = 'Stop'
- $FeaturesAD = @('AD-Domain-Services', 'DNS', 'GPMC', 'RSAT-AD-Tools')
- $FeaturesRD = @('RDS-Connection-Broker', 'RDS-RD-Server', 'RDS-Web-Access')
- $GroupRDUsers = 'Remote Desktop Users'
- if ((Get-WindowsFeature -Name $FeaturesAD) | ? { $_.Installed -eq $false }) {
- Install-WindowsFeature -Name $FeaturesAD -IncludeAllSubFeature -IncludeManagementTools
- Restart-Computer -Force
- }
- try {
- Get-ADDomain | Out-Null
- } catch {
- Install-ADDSForest -DomainName $DomainName -DomainNetbiosName $DomainNetbiosName `
- -DomainMode 'WinThreshold' -ForestMode 'WinThreshold' `
- -CreateDnsDelegation:$false -InstallDns -NoRebootOnCompletion `
- -DatabasePath 'C:\Windows\NTDS' -SysvolPath 'C:\Windows\SYSVOL_DFSR' `
- -SafeModeAdministratorPassword $SafeModeAdministratorPassword -Force
- Restart-Computer -Force
- }
- if ((Get-WindowsFeature -Name $FeaturesRD) | ? { $_.Installed -eq $false }) {
- Install-WindowsFeature -Name $FeaturesRD -IncludeAllSubFeature -IncludeManagementTools
- Restart-Computer -Force
- }
- try {
- Get-ADUser -Identity "CN=$($UserName),CN=Users,$($DomainSuffix)" | Out-Null
- } catch {
- New-ADUser -SamAccountName $UserName -AccountPassword $UserPassword -Name $UserFullName `
- -Enabled:$true -PasswordNeverExpires:$true -ChangePasswordAtLogon:$false
- }
- try {
- Add-ADPrincipalGroupMembership `
- -Identity "CN=$($UserName),CN=Users,$($DomainSuffix)" `
- -MemberOf "CN=Enterprise Admins,CN=Users,$($DomainSuffix)" | Out-Null
- } catch {
- Get-ADPrincipalGroupMembership `
- -Identity "CN=$($UserName),CN=Users,$($DomainSuffix)" `
- -MemberOf "CN=Enterprise Admins,CN=Users,$($DomainSuffix)" | Out-Null
- }
- try {
- Add-ADPrincipalGroupMembership `
- -Identity "CN=$($UserName),CN=Users,$($DomainSuffix)" `
- -MemberOf "CN=Domain Admins,CN=Users,$($DomainSuffix)" | Out-Null
- } catch {
- Get-ADPrincipalGroupMembership `
- -Identity "CN=$($UserName),CN=Users,$($DomainSuffix)" `
- -MemberOf "CN=Domain Admins,CN=Users,$($DomainSuffix)" | Out-Null
- }
- try {
- New-RDSessionDeployment -ConnectionBroker $RDHost -SessionHost $RDHost -WebAccessServer $RDHost `
- -Verbose
- } catch {}
- try {
- New-RDSessionCollection -CollectionName 'Personal' `
- -ConnectionBroker $RDHost -SessionHost $RDHost -PersonalUnmanaged
- } catch {}
- Set-RDPersonalSessionDesktopAssignment -CollectionName 'Personal' -Name $RDHost `
- -User "$($DomainNetbiosName)\$($UserName)"
- New-RDRemoteApp -DisplayName 'Notepad' -FilePath "$($env:WinDir)\system32\notepad.exe" -CollectionName 'Personal'
Add Comment
Please, Sign In to add comment