Core-Install


# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Changing the IP address of the servers NIC
# New-NetIPAddress - InterfaceAlias $NICnew -IPAddress (Read-Host -Promt "Enter new IP address") `
# -PrefixLength 24 -DefaultGateway (Read-Host -Promt "Enter new IP address")=
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
############# Need to create shares here ##################
# Diskpart > List disk > Sel disk 1 > create part pri size=20480 > create part pri size=19465 >
# sel part 1 > assign letter=X > format fs=ntfs quick > sel part 2 > asign letter=Z > format fs=ntfs quick.
# VssAdmin.exe add shadowstorage /For=X: /ON=X: /MaxSize=500MB
############# Need to create shares here ##################
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

### Top var declaration. ###
# Yes or No for Request
$Y = @('Y','Yes', 'y', 'yes')
$N = @('N', 'No', 'n', 'no')
# Server
$HostName = hostname
$ReqChange_SRV = Write-Output (Read-Host -prompt "Server has name $Hostname. Do you want to change this? Type [yes|No]")
$ReqNewSrvName = (Read-Host -Prompt "What name do you want to give to the server?")
# NIC
$CurNicName = (Get-NetAdapter).Name
$ReqChange_NIC = Write-Output (Read-Host -prompt "NIC has name $CurNicName. Do you want to change this? Type [yes|No]")
$ReqNewNicName = (Read-Host -Prompt "Enter new NIC name")
# Domain name
$ReqDomain = (Read-Host -Prompt "Enter Domain name")
$CurDomain = (Get-ADDomain -Identity (Get-WmiObject Win32_ComputerSystem).Domain).NetBIOSName
# (Get-ADDomain -Current LocalComputer).NetBIOSName
# CSV files
$OU = Import-Csv -Delimiter "," -Path (Read-Host -Prompt "Enter OU CSV file location")
$users = Import-Csv -Delimiter "," -Path (Read-Host -Prompt "Enter Users CSV file location")
$Groups = Import-Csv -Delimiter "," -Path (Read-Host -Prompt "Enter Groups CSV file location")
# Password
$securePassword = (ConvertTo-SecureString "TestPassw0rd!" -AsPlainText -Force)
$UserPass = Get-WMIObject -class Win32_ComputerSystem | Select-Object username
# GPO
$ReqNewGpo = Write-Output (Read-Host -Prompt "Do you want to add a new GPO [Yes|No]")
$ReqNewGPOName = Write-Output (Read-Host -Prompt "Enter a GPO name")
$GPOComment = Write-Output (Read-Host -Prompt "Add a comment")
### Start of server name changing process. ###
# If server name should be changed, change it.
    If ($ReqChange_SRV -in $Y) {
        Write-Output $ReqNewSrvName
        Write-Output "server name will be changed from $Hostname to $ReqNewSrvName"
        Rename-Computer -Confirm:0 -NewName $ReqNewSrvName
        # If server name should not be changed, continue to next step.
        } ElseIf ($ReqChange_SRV -in $N) {
             Write-Output "No changes will be made. Continuing to next step."
        } Else {
             Write-Output "Wrong input please try again."
    }
# After previous step, sleep for 5 seconds.
Start-Sleep -Seconds 2
### End of server name changing process. ###

### Start of changing the NIC name. ###
# If NIC name should be changed, change it.
If ($ReqChange_NIC -in $Y) {
    Write-Output $ReqNewNicName
    Write-Output "NIC name will be changed from $CurNicName to $ReqNewNicName"
    Rename-NetAdapter -Name $CurNicName -NewName $ReqNewNicName
    # If server name should not be changed, continue to next step.
    }   ElseIf ($ReqChange_NIC -in $N){
            Write-Output "No changes will be made. Continuing to next step."
    # If user enters false input
        }Else {
            Write-Output "Wrong input, please try again."
    }
# After previous step, sleep for 5 seconds.
Start-Sleep -Seconds 2
### End of NIC name changing process. ###

### Start of installing and configuring AD-DS. ###
# Installing the AD-DS Features.
Write-Output "Installing Windows Feature AD-DS"
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
# Import module for script.
Import-Module ActiveDirectory
# To set all needed values for the AD-DS.
Install-ADDSForest -DomainName $ReqDomain -SafeModeAdministratorPassword (read-host -prompt "Safe Mode Password" -assecurestring) `
-DomainNetbiosName (read-host -prompt "NetBios Name") -DomainMode Win2012R2 -ForestMode Win2012R2 -DatabasePath "C:\Windows\NTDS" `
-LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -NoRebootOnCompletion -InstallDns -Force –PassThru
Write-Output "Configured the AD-DS Feature"
# Increasing the forest and domain functional level to Server2016.
Set-ADForestMode -Identity $ReqDomain -ForestMode 'Windows2016Forest'
Set-ADDomain -Identity $ReqDomain -DomainMode 'Windows2016Domain'
# After previous step, sleep for 5 seconds.
Start-Sleep -Seconds 2
### End of installing and configuring AD-DS. ###

### Start of creating all the needed Organizational Units. ###
# For loop for all items in Orginizational Unit CSV file.
ForEach ($OUitem in $OU) {
    # Declaring the variables for the data in the OU CSV file.
    $OUName = $OUitem.Name
    $OUPath = $OUitem.Path
    # This command will be executed for each item in the csv file.
    New-ADOrganizationalUnit -ProtectedFromAccidentalDeletion $true -Name $OUName -Path $OUPath
    # Sleep 1 second for each added item.
    Start-Sleep -Seconds 1
}
### End of creating all the needed Organizational Units. ###

### Start of creating all the users. ###
# For loop for all items in Users CSV file.
ForEach ($user in $users){
    # Declaring the variables for the data in the Users CSV file.
	$fName = $user.'First Name'
	$lName = $user.'Last Name'
	$DisplayName = ($fName+" "+$lName)
	$jTitle = $user.'Job Title'
	$Desc = $user.Description
	$AccName = ($fName[0]+"."+$lName)
	$OUpath = $user.'Organizational Unit'
	$Prpath = $user.'Profile Path'
    $HoPath = $user.'Home Path'
    $Drive = $user.Drive
	# This command will be executed for each item in the csv file.
	New-ADUser -name $AccName -GivenName $fName -surname $lName -Title $jTitle -DisplayName $DisplayName `
	-Description $Descri -Path $OUpath -ProfilePath $PrPath -HomeDrive $Drive -HomeDirectory $HoPath -Description $Desc `
    -AccountPassword $securePassword -ChangePasswordAtLogon 1 -Enabled 1 `
    # Sleep 1 second for each added item.
    Start-Sleep -Seconds 0.5
}
### End of creating all the needed Users. ###

### Start of creating all the Groups. ###
ForEach ($Group in $Groups) {
    $Gname = $Group.Name
    $GManaged = $Group.Managed
    $GPath = $Group.Path
    $GDesc = $Group.Description
    $GCat = $Group.Category
    $GScope = $Group.Scope

    New-ADGroup -Name $Gname -Managed $GManaged -Path $GPath `
    -Description $GDesc -GroupCatergory $GCat -GroupScope $GScope
    Start-Sleep -Seconds 0.5
}
### End of creating all the Groups. ###
### Start of adding members to created Group. ###
Foreach ( $Group in $Groups) {
    $GMember = $Group.Member


    Add-ADGroupMember -Identity $Gname -Members $GMember -Credentials $UserPass -Server $CurDomain
    Start-Sleep -Seconds 0.5
}
### Start of adding members to created Group. ###

### Start enabling RDP on Server. ###
set-ItemProperty -Path 'HKLM:SystemCurrentControlSetControlTerminal Server' `
-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
set-ItemProperty -Path 'HKLM:SystemCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp' `
-name "UserAuthentication" -Value 1
### End enabling RDP on Server. ###

### Start Creating GPO's. ###

Write-Output $ReqNewGpo
If ($ReqNewGpo -in $Y){
    New-GPO -Name $ReqNewGPOName -Comment $GPOComment -Domain $CurDomain -Confirm:0
}
    ElseIf ($ReqNewGpo -in $N) {
        Write-Output (Read-Host -Prompt "No new GPO will be added, continuing to enxt step.")
    }
    Else {
        Write-Output "Wrong input, please try again"
    }
    ### End Creating GPO's. ###