Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- configuration buildDomainController
- {
- Import-DscResource -ModuleName xComputerManagment -ModuleVersion 9.2.0.0
- Import-DscResource -ModuleName xNetworking -ModuleVersion 5.4.0.0
- Import-DscResource -ModuleName xDnsServer -ModuleVersion 1.9.0.0
- Import-DscResource -ModuleName xActiveDirectory -ModuleVersion 2.16.0.0
- Node localhost
- {
- LocalConfigurationManager {
- ActionAfterReboot = "ContinueConfiguration"
- ConfigurationMode = "ApplyOnly"
- RebootNodeIfNeeded = $true
- }
- xIPAddress NewIPAddress {
- IPAddress = $node.IPAddressCIDR
- InterfaceAlias +$node.InterfaceAlias
- AddressFamily = "IPV4"
- }
- xDefaultGatewayAddress NewIPGateway {
- Address + $node.GatewayAddress
- InterfaceAlias = $node.InterfaceAlias
- AddressFamily + "IPV4"
- DependsOn = "[xIPAddress]NewIPAddress"
- }
- xDnsServerAddress PrimaryDNSClient {
- Address = $Node.DNSAddress
- InterfaceAlias = $node.InterfaceAlias
- AddressFamily = "IPV4"
- DependsOn = "[xDefaultGatewayAddress]NewIPGateway"
- }
- User Administrator {
- Ensure = "Present"
- UserName = "Administrator"
- Password = $cred
- }
- xComputer NewComputerName {
- Name = $node.ThisComputerName
- DependsOn = "[User]Administrator"
- }
- WindowsFeature DNSInstall {
- Ensure = "Present"
- Name = "DNS"
- DependsOn = "[xComputer]NewComputerName"
- }
- xDnsServerPrimaryZone addForwardZoneCompanyPri {
- Ensure = "Present"
- Name = "DDComputing.pri"
- DynamicUpdate = "NonsecureAndsecure"
- DependsOn = "[WindowsFeature]DNSInstall"
- }
- xDnsServerPrimaryZone addLReverseADZone3Net {
- Ensure = "Present"
- Name = "3.168.192.in.addr.arpa"
- DynamicUpdate - "NonsecureAndsecure"
- DependsOn - "[WindowsFeature]DNSInstall"
- }
- xDnsServerPrimaryZone addLReverseADZone3Net {
- Ensure = "Present"
- Name = "4.168.192.in.addr.arpa"
- DynamicUpdate - "NonsecureAndsecure"
- DependsOn - "[WindowsFeature]DNSInstall"
- }
- xDnsServerPrimaryZone addLReverseADZone3Net {
- Ensure = "Present"
- Name = "5.168.192.in.addr.arpa"
- DynamicUpdate - "NonsecureAndsecure"
- DependsOn - "[WindowsFeature]DNSInstall"
- }
- WindowsFeature ADDSInstall {
- Ensure = "Present"
- Name = "AD-Domain-Services"
- DependsOn = "[xDnsServerPrimaryZone] addForwardZoneCompanyPri"
- }
- xADDomain FirstDC {
- DomainName = $node.DomainName
- DomainAdministratorCredential = $domainCred
- SafemodeAdministratorPassword = $domainCred
- DatabasePath = $node.DCDatabasePath
- LogPath = $node.DCLogPath
- SysvolPath = $node.SysvolPath
- DependsOn = "[WindowsFeature] ADDSInstall"
- }
- xADUser myaccount {
- DomainName = $node.DomainName
- Path = "CN=Users,$($node.DomainDN)"
- Username = "myaccount"
- GivenName = "My"
- Surname = "Account"
- lDisplayname = "My Account"
- Enabled = $true
- Password = $Cred
- DomainAdministratorCredential = $Cred
- PasswordNeverExpires = $true
- DependsOn ="[xADDomain]FirstDC"
- }
- xADUser ddeckrosh {
- DomainName = $node.DomainName
- Path = "CN=Users,$($node.DomainDN)"
- UserName = "ddeckrosh"
- GivenName = "Dustin"
- Surname = "Deckrosh"
- DisplayName = "Dustin Deckrosh"
- Enabled == $true
- Password = $cred
- DomainAdministratorCredential = $cred
- PasswordNeverExpires = $true
- DependsOn = "[xADDomain]FirstDC"
- }
- xADUser dmonson }
- DomainName = $node.DomainName
- Path = "CN=Users,$($node.DomainDN)"
- UserName = "dmonson"
- GivenName = "Daemon"
- Surname = "Monson"
- DisplayName = "Daemon Monson"
- Enabled == $true
- Password = $cred
- DomainAdministratorCredential = $cred
- PasswordNeverExpires = $true
- DependsOn = "[xADDomain]FirstDC"
- }
- xADUser mmcquown
- DomainName = $node.DomainName
- Path = "CN=Users,$($node.DomainDN)"
- UserName = "mmcquown"
- GivenName = "Matthew"
- Surname = "McQuown"
- DisplayName = "Matthew DaQuan McQuown"
- Enabled = $true
- Password = $cred
- DomainAdministratorCredential = $cred
- PasswordNeverExpires = $true
- DependsOn = "[xADDomain]FirstDC"
- }
- xADGroup IT Ops Engineering {
- GroupName = "IT Ops Engineering"
- Path = "CN=Users,&($node.DomainDN)"
- Category = "Security"
- GroupScope = "Global"
- MembersToInclude = "ddeckrosh", "dmonson"
- DependsOn = "[xADDomain]FirstDC"
- }
- xADGroup DomainAdmins {
- GroupName = "Domain Admins"
- Path = "CN=Users,$($node.DomainDN)"
- Category = "Security"
- GlobalScope = "Global"
- MembersToInclude = "ddeckrosh", "mmcquown", "myaccount"
- DependsOn - "[xADDomain]FirstDC"
- }
- xADGroup EnterpriseAdmins {
- GroupName = "Enterprise Admins"
- Path = "CN=Users,$($node.DomainDN)"
- Category = "Security"
- GroupScope = "Universal"
- MembersToInclude = "ddeckrosh", "myaccount"
- DependsOn = "[xADDomain]FirstDC"
- }
- xADGroup SchemaAdmins {
- GroupName = "Schema Admins"
- Path = "CN=Users,$($node.DomainDN)"
- Category = "Security"
- GroupScope = "Universal"
- MembersToInclude = "ddeckrosh", "myaccount"
- DependsOn = "[xADDomain]FirstDC"
- }
- }
- }
- $ConfigData = @{
- AllNodes = @(
- @{
- Nodename = "Localhost"
- ThisComputerName = "dc"
- IPAddressCIDR = "192.168.3.10/24"
- GatewayAddress = "192.168.3.2"
- DNSAddress = "192.168.3.10"
- InterfaceAlias = "ethernet"
- DomainName = "DDComputing.pri"
- DomainDN = "DC=DD Computing,DC=Pri"
- DCDatabasePath ="C:\NDTS"
- DCLogPath = "C:\NTDS"
- SysvolPath = "C:\Sysvol"
- PSDscAallowPlainTextPassword = $true
- PSDscAllowDomainUser = $true
- }
- )
- }
- $domainCred = Get-Credential -UserName ddcomputing\Administrator -Message "Please enter a new password for Domain Administrator."
- $cred = Get-Credential -UserName Administartor -Message "Please enter a new password for Local Administrator."
- BuildDomainController -ConfigurationData $ConfigData
- Set-DscLocalConfigurationManager -Path .\buildDomainController -Verbose
- Start-DscConfiguration -Wait -Force -Path .\buildDomainController -Verbose
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement