ADDS/SQL/Sharepoint Setup Script

1. param([string]$Stage)
2.  
3.  
4. $ADDSSettings = @{
5.     Hostname = "SPDEV-DC"
6.     IPAddress = "192.168.0.225"
7.     }
8. $SQLSettings = @{
9.     Hostname = "SPDEV-SQL"
10.     IPAddress = "192.168.0.226"
11.     JoinDomain = $True
12.     }
13. $SP2010Settings = @{
14.     Hostname = "SPDEV-SP2010"
15.     IPAddress = "192.168.0.210"
16.     Version = "2010"
17.     JoinDomain = $True
18.     }
19. $SP2013Settings = @{
20.     Hostname = "SPDEV-SP2013"
21.     IPAddress = "192.168.0.213"
22.     Version = "2013"
23.     JoinDomain = $True
24.     }
25.  
26. $SetupPath = "D:"
27. $AutoSPInstallerPath = "$SetupPath\Sharepoint\AutoSPInstaller"
28. $NetBiosName = "pocketdomain"
29. $TLD = "corp"
30. $UserOU = "SharepointUsers"
31. $DomainUsers = @(
32.     "SP_Farm",
33.     "SP_CacheSuperUser",
34.     "SP_CacheSuperReader",
35.     "SP_Services",
36.     "SP_PortalAppPool",
37.     "SP_ProfilesAppPool",
38.     "SP_SearchService",
39.     "SP_SearchContent",
40.     "SP_ProfileSync",
41.     "SP_VisioUser",
42.     "SP_PerfPointUser",
43.     "SP_ExcelUser"
44.     )
45. $DNSServer = $ADDSSettings.IPAddress
46. $NetMask = "255.255.255.0"
47. $Gateway = "192.168.0.1"
48. $Password = "Abc123!"
49. $kms = "10.0.0.1"
50. $SecurePassword = $Password | ConvertTo-SecureString -AsPlainText -Force
51. $DomainName = "$NetBiosName.$TLD"
52. $UserPath = "OU=$UserOU,DC=$NetBiosName,DC=$tld"
53.  
54. Function Add-Task ($Stage) {
55. schtasks.exe /CREATE /RU 'builtin\users' /SC ONLOGON /RL HIGHEST /TN "$Stage" /tr "powershell.exe -file $SetupPath\Setup.ps1 -Stage $Stage"
56. }
57.  
58. if (!($Stage -match "First_Run")) {schtasks.exe /DELETE /TN "$Stage" /F}
59.  
60. $First_Run_Scriptblock = {
61.     param($Settings)
62.     $Servername = $Settings.Hostname
63.     $IP = $Settings.IPAddress
64.     $JoinDomain = $Settings.JoinDomain
65.  
66.     cscript c:\windows\system32\slmgr.vbs /skms $kms:1688
67.     cscript c:\windows\system32\slmgr.vbs /ato
68.     cscript c:\windows\system32\slmgr.vbs /ato
69.  
70.     schtasks.exe /CHANGE /tn "\Microsoft\Windows\Server Manager\ServerManager" /disable
71.     net user administrator $Password
72.     New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name "AutoAdminLogon" -Value 1 -PropertyType String -Force
73.     New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name "DefaultUserName" -Value "Administrator" -PropertyType String -Force
74.     New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name "DefaultPassword" -Value $Password -PropertyType String -Force
75.  
76.     Write-Host "Setting network configuration..."
77.     $NetworkWMI = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"
78.     $NetworkWMI.EnableStatic($IP, $NetMask)
79.     $NetworkWMI.SetGateways($Gateway, 1)
80.     $NetworkWMI.SetDNSServerSearchOrder($DNSServer)
81.     $ComputerWMI = Get-WmiObject win32_computersystem
82.  
83.     If ($Settings.Version) {[System.Environment]::SetEnvironmentVariable("Version", $Settings.Version, "Machine")}
84.  
85.     if ($JoinDomain) {
86.         $Counter = 0
87.         do {Write-Host "Waiting for $DomainName..."; $Counter++; Start-Sleep -Seconds 5}
88.         until ((Test-Connection $DomainName -quiet) -OR ($counter -eq 10))
89.         if (!(Test-Connection $DomainName)) {throw "Can't reach $DomainName"}
90.         $ComputerWMI.JoinDomainOrWorkGroup($DomainName, $Password, "$NetBiosName\Administrator", $Null, 23)
91.         $ComputerWMI.Rename($ServerName,$Password,"$NetBiosName\Administrator")
92.         New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name "DefaultUserName" -Value "$NetBiosName\Administrator" -PropertyType String -Force
93.         } else {
94.         Rename-Computer $Servername
95.         }
96.     }
97. $Install_SQL_Scriptblock = {
98.     netsh advfirewall firewall add rule name="SQL" protocol=tcp dir=in localport=1433 action=allow enable=yes
99.     net user /add sqlagent $Password
100.     net user /add sqlengine $Password
101.     start-process -path "$SetupPath\SQL\setup.exe" -ArgumentList "/configurationfile=""$SetupPath\sql_configuration.ini""" -Wait
102.     }
103. $Install_RSAT_Scriptblock = {
104.     Add-WindowsFeature -name "RSAT-AD-Tools"
105.     }
106. $Install_ADDS_ScriptBlock = {
107.     Write-Host "Adding AD-Domain-Services"
108.     Add-WindowsFeature -Name "ad-domain-services" -IncludeAllSubFeature -IncludeManagementTools
109.     Write-Host "Adding DNS..."
110.     Add-WindowsFeature -Name "dns" -IncludeAllSubFeature -IncludeManagementTools
111.     Write-Host "Adding Group Policy Management Console..."
112.     Add-WindowsFeature -Name "gpmc" -IncludeAllSubFeature -IncludeManagementTools
113.     }
114. $Install_Forest_Scriptblock = {
115.     Import-Module ADDSDeployment
116.     New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name "DefaultUserName" -Value "$NetBiosName\Administrator" -PropertyType String -Force
117.     Write-Host "Installing Forest..."
118.     $ForestSettings = @{
119.         CreateDNSDelegation = $False
120.         DatabasePath = "C:\Windows\NTDS"
121.         DomainMode = "Win2012"
122.         ForestMode = "Win2012"
123.         DomainName = $DomainName
124.         DomainNetbiosName = $NetBiosName
125.         InstallDns = $True
126.         LogPath = "C:\Windows\NTDS"
127.         NoRebootOnCompletion = $False
128.         SysvolPath = "C:\Windows\SYSVOL"
129.         Force = $True
130.         SafeModeAdministratorPassword = $SecurePassword
131.         }
132.     Install-ADDSForest @ForestSettings
133.     }
134. $Setup_ADObjects_Scriptblock = {
135.     New-ADOrganizationalUnit "$UserOU"
136.     Foreach ($User in $DomainUsers) {New-ADUser $User -GivenName $User -Path $UserPath -Enabled $True -AccountPassword $SecurePassword}
137.     }
138. $Install_PKI_Scriptblock = {
139.     Import-Module ServerManager
140.     Write-Host "Adding Certificate Services..."
141.     Add-WindowsFeature Adcs-Cert-Authority -IncludeManagementTools
142.     $PKISettings = @{
143.         CACommonName = "$env:COMPUTERNAME"
144.         CAType = "EnterpriseRootCA"
145.         CryptoProviderName = "RSA#Microsoft Software Key Storage Provider"
146.         KeyLength = 2048
147.         HashAlgorithmName = "SHA1 "
148.         ValidityPeriod = "Years"
149.         ValidityPeriodUnits = 3
150.         Force = $True
151.         }
152.     Install-AdcsCertificationAuthority @PKISettings
153.     }
154. $Setup_Sharepoint_Scriptblock = {
155.     if ($Env:Version -eq "2013") {Import-Module ServerManager;Add-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support, AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer}    
156.     Write-Host "Disabling UAC..."
157.     New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system' -Name EnableLUA -PropertyType DWord -Value 0 -Force
158.     Write-Host "Disabling IE first-run customization..."
159.     New-Item -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Main' -Force
160.     New-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Main' -name DisableFirstRunCustomize -PropertyType DWord -Value 1 -Force
161.    
162.     }  
163. $Install_Sharepoint_Scriptblock = {
164.     start-process -path "$AutoSPInstallerPath\AutoSPInstallerLaunch.bat" -ArgumentList "$AutoSPInstallerPath\PocketDomain-$env:Version.xml" -wait
165.     throw "Installing Sharepoint, no reboot required."
166.     }
167.  
168.  
169. switch ($Stage)
170.     {
171.     "First_Run_ADDS" {&$First_Run_Scriptblock $ADDSSettings; Add-Task Install_RSAT}
172.     "First_Run_SQL" {&$First_Run_Scriptblock $SQLSettings; Add-Task Install_SQL}
173.     "First_Run_SP2013" {&$First_Run_Scriptblock $SP2010Settings; Add-Task Setup_Sharepoint}
174.     "First_Run_SP2010" {&$First_Run_Scriptblock $SP2013Settings; Add-Task Setup_Sharepoint}
175.     "Setup_Sharepoint" {&$Setup_Sharepoint_Scriptblock; Add-Task Install_Sharepoint}
176.     "Install_Sharepoint" {&$Install_Sharepoint_Scriptblock}
177.     "Install_RSAT" {&$Install_RSAT_Scriptblock; Add-Task Install_ADDS}
178.     "Install_SQL"  {&$Install_SQL_Scriptblock}
179.     "Install_ADDS" {&$Install_ADDS_ScriptBlock; Add-Task Install_Forest}
180.     "Install_Forest" {&$Install_Forest_Scriptblock; Add-Task Install_PKI}
181.     "Install_PKI" {&$Install_PKI_Scriptblock; Add-Task Setup_ADObjects}
182.     "Setup_ADObjects" {&$Setup_ADObjects_Scriptblock}
183.     }
184.  
185.  
186.  
187. if (!($Error[0])) {Restart-Computer} else {Write-Host "Errors!"; $Error | Select-Object * | Out-File c:\errors.txt -Append; notepad.exe c:\errors.txt}