How to: Add new DC to existing domain with PowerShell

First of all, you have to install the AD DS role binaries on the server using either the Server Manager GUI or PowerShell:

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Note that if you run the above command on a real Server Core installation, you may get errors when using the -IncludeManagementTools parameter, as some of the management tools can't be installed on a Core installation.

Once the role is installed, you can use a script similar to this one to add a DC to an existing domain:

# Windows PowerShell script for AD DS Deployment
# Password for domain join credentials will be prompted
# No DSRM password prompt: the DSRM password is embedded below in plain text
Import-Module ADDSDeployment
Install-ADDSDomainController `
    -NoGlobalCatalog:$false `
    -CreateDnsDelegation:$false `
    -Credential (Get-Credential CONUNDRUM\Administrator) `
    -CriticalReplicationOnly:$false `
    -DatabasePath "C:\Windows\NTDS" `
    -DomainName "conundrum.com" `
    -InstallDns:$true `
    -LogPath "C:\Windows\NTDS" `
    -NoRebootOnCompletion:$false `
    -SiteName "Default-First-Site-Name" `
    -SysvolPath "C:\Windows\SYSVOL" `
    -SafeModeAdministratorPassword (ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force) `
    -Force:$true

This script was tested with Windows Server 2012 R2.

The script above is also a good example of using the backtick (“`”) symbol, which greatly improves the readability of PS scripts saved to a file. To highlight the difference: most of this script is really a single line (starting from the “Install-ADDSDomainController” cmdlet). Here is that line:

Install-ADDSDomainController -NoGlobalCatalog:$false -CreateDnsDelegation:$false -Credential (Get-Credential CONUNDRUM\Administrator) -CriticalReplicationOnly:$false -DatabasePath "C:\Windows\NTDS" -DomainName "conundrum.com" -InstallDns:$true -LogPath "C:\Windows\NTDS" -NoRebootOnCompletion:$false -SiteName "Default-First-Site-Name" -SysvolPath "C:\Windows\SYSVOL" -SafeModeAdministratorPassword (ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force) -Force:$true

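It is easy to see how inconvenient it is to read and scroll through this line. Using the backtick symbol, you can make your script far more readable. The backtick must be the last character on its line; any trailing whitespace after it breaks the continuation.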
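The same promotion as an added example (not code from the original post): the parameters are passed by splatting a hashtable, which is an alternative to backtick continuation, the DSRM password is prompted for instead of being stored in the script file, and Test-ADDSDomainControllerInstallation runs the prerequisite checks before anything is changed. The variable names are illustrative, and the check assumes that every passing result reports a Status of 'Success'.

```powershell
# Added example, not part of the original post.
# Same settings as the script above, with two changes:
#   * the DSRM password is prompted for, not hardcoded
#   * prerequisite checks run before the promotion
Import-Module ADDSDeployment

# Prompted interactively, so no password is stored in the script file.
$dsrmPassword = Read-Host -Prompt 'DSRM (safe mode) password' -AsSecureString

# Parameters shared by the prerequisite test and the promotion itself.
$dcParams = @{
    DomainName                    = 'conundrum.com'
    Credential                    = (Get-Credential 'CONUNDRUM\Administrator')
    SafeModeAdministratorPassword = $dsrmPassword
    SiteName                      = 'Default-First-Site-Name'
    InstallDns                    = $true
    NoGlobalCatalog               = $false
    CreateDnsDelegation           = $false
    CriticalReplicationOnly       = $false
    DatabasePath                  = 'C:\Windows\NTDS'
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
}

# Run the prerequisite checks first; this does not promote the server.
$checks = @(Test-ADDSDomainControllerInstallation @dcParams)

# Assumption: a passing check reports Status 'Success'.
# Anything else is treated as a failure, so the script fails closed.
$failed = @($checks | Where-Object { $_.Status -ne 'Success' })

if ($failed.Count -gt 0) {
    $failed | ForEach-Object { Write-Warning $_.Message }
    throw 'Prerequisite checks failed; the server was not promoted.'
}

# -Force suppresses confirmation prompts; the server reboots on completion.
Install-ADDSDomainController @dcParams -NoRebootOnCompletion:$false -Force:$true
```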
