
Friday, August 3, 2018

SCVMM Service Template for the first DC in a Forest – part 2

Okay, so I posted the traditional way of handling this, with a BATCH file.

But, in reality all I did was use a BATCH file to in turn process a PowerShell script.  I considered this silly.  There must be a way to process the PowerShell script without having to use the BATCH script.

I mean, come on.  This is Server 2012 I am using and PowerShell v3.  Yes, I know there are some advanced things that can be done with BATCH scripting (I have done some in my history), but think out of the box here.

So, I spent bunches of time playing around with this (so you wouldn't have to (if you stumbled on my post)).

In the end, it wasn't that difficult, just had to think about things a bit differently.

Oh, and one important thing I left out of my previous post.  Use a local administrator Run As account for adding the local administrator admin credentials to the OS and the same Run As account a second time to process the scripts.

So, here is the script the PowerShell way:

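param (
    # Positional order must match the Parameters line of the second pre-install script
    [string]$domainName,
    [string]$netbiosName,
    [string]$safeModePass
)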

# Build a domain controller and the test domain.

# Add the RSAT tools
Add-WindowsFeature RSAT-AD-Tools

# Add the features
Add-WindowsFeature AD-Domain-Services -IncludeAllSubFeature -IncludeManagementTools
Add-WindowsFeature DNS -IncludeAllSubFeature -IncludeManagementTools
Add-WindowsFeature GPMC -IncludeAllSubFeature -IncludeManagementTools

# convert the password to a secure string as required
$secPass = ConvertTo-SecureString -String $safeModePass -AsPlainText -Force

# Create the Forest and Domain
Install-ADDSForest -CreateDnsDelegation:$false -DomainMode Win2012 -DomainName $domainName -DomainNetbiosName $netbiosName -ForestMode Win2012 -InstallDns -Force -SafeModeAdministratorPassword $secPass

I know what you are thinking, that can be shortened.  And my reply; yes, it can.  And you advanced folks, go right ahead.

Now, in the Application Configuration of the Tier in the Service.  Two pre-install scripts.

The first pre-install script is to set script execution to RemoteSigned:

The executable program is: %WINDIR%\System32\WindowsPowerShell\v1.0\PowerShell.exe

And the Parameters are: -command set-executionpolicy remotesigned -force

(I don't have a Run As account defined BTW).


The second pre-install script is everything above.  But those are included in the Custom Resource Package as a .ps1 file.

The executable program is the same.  The Parameters are different: -file .\DomainController.ps1 @DomainName@ @DomainNetbiosName@ @SafeModeAdministratorPassword@

And the Run As account is my local admin run as account profile.  And the timeout needs to be turned up to about 600 seconds.


That is it.  I tried it a few times.  It works. 
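
A stricter variant of DomainController.ps1, added here as an example and not the script from this post: it validates the three positional values before promoting the server, drops the plain-text password once it is converted, and exits non-zero on failure. The validation patterns and the assumption that the deployment treats a non-zero exit code as a failed step are mine, not from the post.

```powershell
# Added example: stricter variant of DomainController.ps1 (not the author's script).
[CmdletBinding()]
param (
    # Positional order matches: @DomainName@ @DomainNetbiosName@ @SafeModeAdministratorPassword@
    [Parameter(Mandatory = $true, Position = 0)]
    [ValidatePattern('^([A-Za-z0-9-]{1,63}\.)+[A-Za-z]{2,63}$')]   # assumed: multi-label DNS name
    [string]$domainName,

    [Parameter(Mandatory = $true, Position = 1)]
    [ValidateLength(1, 15)]                                        # NetBIOS names are at most 15 characters
    [string]$netbiosName,

    [Parameter(Mandatory = $true, Position = 2)]
    [ValidateNotNullOrEmpty()]
    [string]$safeModePass
)

$ErrorActionPreference = 'Stop'   # make cmdlet errors terminating so the catch block sees them

try {
    # Convert right away and remove the plain-text copy from the session.
    # The value is still visible on the powershell.exe command line while the script runs.
    $secPass = ConvertTo-SecureString -String $safeModePass -AsPlainText -Force
    Remove-Variable -Name safeModePass

    $result = Add-WindowsFeature -Name RSAT-AD-Tools
    if (-not $result.Success) { throw 'Feature install failed: RSAT-AD-Tools' }
    foreach ($feature in 'AD-Domain-Services', 'DNS', 'GPMC') {
        $result = Add-WindowsFeature -Name $feature -IncludeAllSubFeature -IncludeManagementTools
        if (-not $result.Success) { throw "Feature install failed: $feature" }
    }

    Install-ADDSForest -CreateDnsDelegation:$false -DomainMode Win2012 `
        -DomainName $domainName -DomainNetbiosName $netbiosName `
        -ForestMode Win2012 -InstallDns -Force `
        -SafeModeAdministratorPassword $secPass
}
catch {
    # Report the error text only; never echo the parameters back.
    Write-Error -Message $_.Exception.Message -ErrorAction Continue
    exit 1
}
```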

