DDLAB–Create The Forest5 February 2011 3 min read.
Welcome back, at this point we should have 3 servers ready for our lab build which will each have received an installation of Windows 2008R2, had their network connections Patched up, and IP addresses assigned as per our plan.
This time we are going to focus on getting the basic domain services online so that we can begin with the foundation for our lab. The first step in this path will be installing AD on our main server and setting up a DHCP server for our clients
PowerShell and the CLI
As i have to rebuild the Lab deployment far to often, I am going to do as much as i can from the shell as that will save me some time clicking wizards, and installing services Like Active Directory and DHCP are not really overly challenging for a small setup like ours.
To get started I am going to launch my PowerShell console and Load up the Server Manager module so that we can install the roles and features
Import-Module ServerManager Get-Command –module ServerManager Get-WindowsFeatures Add-WindowsFeature ADDS-Domain-Controller,DHCP
Setting up Active Directory for the Lab is actually going to be pretty easy since this is going to be new clean forest and we have no worries about other forests of domains to be concerned with.
I am going to set the following settings:
Domain Name: damianflynn.demo
DNS Name: damianflynn.demo
Netbios Name: DF-DEMO
Administrator Password: Use the current Local Administrator Password
Forest Level: Windows 2008 R2
Domain Level: Windows 2008 R2
Issue the following command, and after a few minutes the servers will reboot for us. After which we will be logging in as the Domain Administrator.
dcpromo /unattend /InstallDns:yes /replicaOrNewDomain:domain /newDomain:forest /newDomainDnsName:damianflynn.demo /DomainNetbiosName:df-demo /databasePath:c:ntdsdata /logPath:c:ntdslogs /sysvolpath:c:windowssysvol /safeModeAdminPassword:D1saster! /domainLevel:4 /forestLevel:4 /rebootOnCompletion:yes
After rebooting, we will have a new Domain Controller, DNS server and a DHCP server ready for configuring.
Let’s configure the DHCP Servers scope so that we are prepared for any clients which might show up on the network needing a non static address, and more importantly we will make use of this a little later when we look at the Microsoft Deployment Toolkit.
in the following script we will complete these steps
Configure the DHCP Server Service for Automatic Start up
Start the DHCP Server Running now
Authorize the DHCP in our new Active Directory
Configure the DHCP Server:
Set the Scope for our lab to 172.16.100.0/24 and call it DF-Demo-Scope
Add a Pool of addresses for 172.16.100.150 to 172.16.100.199
Set the Default Gateway (Option 003) to 172.16.100.1
Set the DNS Servers (Option 005) to 172.16.100.10 (This Server)
Activate the Scope
set-service dhcpserver –startuptype automatic –status running
netsh dhcp add server LAB-SVR01 172.16.100.10
netsh dhcp server add scope 172.16.100.0 255.255.255.0 DF-Demo-Scope Demo-Scope
netsh dhcp server scope 172.16.100.0 add iprange 172.16.100.150 172.16.100.199 netsh dhcp server scope 172.16.100.0 set optionvalue 003 IPADDRESS 172.16.100.1
netsh dhcp server scope 172.16.100.0 set optionvalue 005 IPADDRESS 172.16.100.10
netsh dhcp server LAN-SVR01 scope 172.16.100.0 set state 1
Now, that was quick right.
Right, last task for the day, is to create some Organisational Units to host some services, users and computers for the rest of our deployment.
Import-Module ActiveDirectory New-ADOrganizationalUnit -Name OU=Operations,dc=damianflynn,dc=demo New-ADOrganizationalUnit -Name OU=Users,OU=Operations,dc=damianflynn,dc=demo New-ADOrganizationalUnit -Name OU=Services,OU=Operations,dc=damianflynn,dc=demo New-ADOrganizationalUnit -Name OU=Computers,OU=Operations,dc=damianflynn,dc=demo New-ADUser -Name "Damian Flynn" -SamAccountName Damian.Flynn -Description "Damians User Account" -Enabled $true -AccountPassword (Read-Host -AsSecureString "Password") -Path "OU=Users,OU=Operations,dc=damianflynn,dc=demo"