Install AD-Domain-Services And Configure A New Domain On Windows Server 2016

#Install AD-Domain-Services And Configure A New Domain On Windows Server 2016

#This is to install and configure a new domain called domain.muppetlabs.com with a short name of domain. You don’t really need to restart, but you do need to login with domain\username credentials when you reconnect. You will be disconnected at the end of the procedure.

#Just the code:

Get-WindowsFeature -Name AD-Domain-Services|Install-WindowsFeature -Verbose|fl
Import-Module ADDSDeployment -PassThru|fl
Install-ADDSForest -DomainName domain.muppetlabs.com -DomainNetbiosName DOMAIN -DomainMode 7 -ForestMode 7 -InstallDNS -Verbose|fl

#The Longer Story…

#This is just to install a single domain on Windows Server 2016 using PowerShell commands.

#Install feature AD-Domain-Services in Windows Server 2016 using PowerShell Direct

Get-WindowsFeature -Name AD-Domain-Services|Install-WindowsFeature -Verbose|fl

#Import the ADDSDeployment module that contains Install-ADDSForest

Import-Module -Name ADDSDeployment -PassThru|fl

#Create domain and forest

#-DomainMode 7 and -ForestMode 7 are for Server 2016 domain and forest mode. These settings should be modified if compatibility for previous Active Directory domain and forest mode support is needed. I do not see these settings on the Microsoft help page for Install-ADDSDeployment but if you use the GUI wizard method then Server 2016 mode is the default used there and this will be added when they update the Install-ADDSDeployment TechNet page past Server 2012 R2.

#The -DomainNetbiosName is different from a Netbios Computer Name and is what is used when logging in so domain\administrator is as valid as logging into domain.muppetlabs.com\administrator.

Install-ADDSForest -DomainName domain.muppetlabs.com -DomainNetbiosName DOMAIN -DomainMode 7 -ForestMode 7 -InstallDNS -Verbose|fl
#Type SafeModeAdministratorPassword
#Type SafeModeAdministratorPassword
#Type Y and press Enter
#Just wait for Active Directory to install

#Full Output of Install-ADDSForest:

[Server2016]: PS C:\Users\Administrator\Documents> Install-ADDSForest -DomainNam
e domain.muppetlabs.com -DomainNetbiosName DOMAIN -DomainMode 7 -ForestMode 7 -I
nstallDNS -Verbose|fl
WARNING: A script or application on the remote computer SERVER2016 is sending a
 prompt request. When you are prompted, enter sensitive information, such as
credentials or passwords, only if you trust the remote computer and the
application or script that is requesting the data.
SafeModeAdministratorPassword: ********
WARNING: A script or application on the remote computer SERVER2016 is sending a
 prompt request. When you are prompted, enter sensitive information, such as
credentials or passwords, only if you trust the remote computer and the
application or script that is requesting the data.
Confirm SafeModeAdministratorPassword: ********

The target server will be configured as a domain controller and restarted when
this operation is complete.
Do you want to continue with this operation?
[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): y
VERBOSE: Active Directory Domain Services Setup
VERBOSE: Validating environment and parameters...
WARNING: Windows Server 2016 domain controllers have a default for the security
 setting named "Allow cryptography algorithms compatible with Windows NT 4.0"
that prevents weaker cryptography algorithms when establishing security channel
 sessions.

For more information about this setting, see Knowledge Base article 942564
(http://go.microsoft.com/fwlink/?LinkId=104751).

WARNING: A delegation for this DNS server cannot be created because the
authoritative parent zone cannot be found or it does not run Windows DNS
server. If you are integrating with an existing DNS infrastructure, you should
manually create a delegation to this DNS server in the parent zone to ensure
reliable name resolution from outside the domain "domain.muppetlabs.com".
Otherwise, no action is required.

VERBOSE: ----------------------------------------
VERBOSE: The following actions will be performed:
VERBOSE: Configure this server as the first Active Directory domain controller
in a new forest.

The new domain name is "domain.muppetlabs.com". This is also the name of the
new forest.

The NetBIOS name of the domain is "DOMAIN".

Forest Functional Level: Windows Server 2016

Domain Functional Level: Windows Server 2016

Site: Default-First-Site-Name

Additional Options:
 Read-only domain controller: "No"
 Global catalog: Yes
 DNS Server: Yes

Create DNS Delegation: No

Database folder: C:\Windows\NTDS
Log file folder: C:\Windows\NTDS
SYSVOL folder: C:\Windows\SYSVOL

The DNS Server service will be installed on this computer.
The DNS Server service will be configured on this computer.
This computer will be configured to use this DNS server as its preferred DNS
server.

The password of the new domain Administrator will be the same as the password
of the local Administrator of this computer.
VERBOSE: ----------------------------------------
VERBOSE: Active Directory Domain Services Setup
VERBOSE: Validating environment and parameters...
WARNING: Windows Server 2016 domain controllers have a default for the security
 setting named "Allow cryptography algorithms compatible with Windows NT 4.0"
that prevents weaker cryptography algorithms when establishing security channel
 sessions.

For more information about this setting, see Knowledge Base article 942564
(http://go.microsoft.com/fwlink/?LinkId=104751).

WARNING: A delegation for this DNS server cannot be created because the
authoritative parent zone cannot be found or it does not run Windows DNS
server. If you are integrating with an existing DNS infrastructure, you should
manually create a delegation to this DNS server in the parent zone to ensure
reliable name resolution from outside the domain "domain.muppetlabs.com".
Otherwise, no action is required.

VERBOSE: ----------------------------------------
VERBOSE: The following actions will be performed:
VERBOSE: Configure this server as the first Active Directory domain controller
in a new forest.

The new domain name is "domain.muppetlabs.com". This is also the name of the
new forest.

The NetBIOS name of the domain is "DOMAIN".

Forest Functional Level: Windows Server 2016

Domain Functional Level: Windows Server 2016

Site: Default-First-Site-Name

Additional Options:
 Read-only domain controller: "No"
 Global catalog: Yes
 DNS Server: Yes

Create DNS Delegation: No

Database folder: C:\Windows\NTDS
Log file folder: C:\Windows\NTDS
SYSVOL folder: C:\Windows\SYSVOL

The DNS Server service will be installed on this computer.
The DNS Server service will be configured on this computer.
This computer will be configured to use this DNS server as its preferred DNS
server.

The password of the new domain Administrator will be the same as the password
of the local Administrator of this computer.
VERBOSE: ----------------------------------------
VERBOSE: Press CTRL-C to: Cancel
VERBOSE: Active Directory Domain Services is now installed on this computer for
 the domain "domain.muppetlabs.com".

This Active Directory domain controller is assigned to the site
"Default-First-Site-Name". You can manage sites with the Active Directory Sites
 and Services administrative tool.



Message : Operation completed successfully
Context : DCPromo.General.3
RebootRequired : False
Status : Success

#It says you don’t have to reboot but I would.

Restart-Computer

#Reconnect to PowerShell Direct using the DOMAIN\administrator account after reboot from Install-ADDSForest is complete.

Enter-PSSession -VMName Server2016 -Credential domain\administrator

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.