psps
October 2, 2018, 6:04am
1
Hi Guys,
New DSC user here and I cannot explain how happy I am that this extension exist. I configured my domain and users, groups etc but I have hard time to figure it out how can I create a domain and within the same configuration add servers to domain. It is very easy to configure domain but to join servers to it it is hard. I would like to accomplish this within same configuration. I created AllNodes and node that will be DC and other Nodes that will be servers in a domain. My configuration is failing and I don’t know how to proceed. I watched MVA and checked on internet but I was not able to find the right way of doing this. Once the domain is up and running how to continue with configuration and promote other servers to domain?
I hope that someone can shed some light on this?
Thanks
Can you help us by posting you configuration script, remove you confidential data with dummy values.
psps
October 2, 2018, 8:39am
3
Hi Kvprasoon,
I have config data where I have AllNodes and 3 main nodes
$Data = @{
AllNodes = @(
@{
NodeName = '*'
RetryCount = 20
RetryIntervalSec = 30
PSDscAllowPlainTextPassword = $True
}
@{
NodeName = '192.168.0.40'
Role = 'DC'
}
@{
NodeName = '192.168.0.41'
Role = 'Member'
}
@{
NodeName = '192.168.0.42'
Role = 'Member'
}
)
DCData = @{
DomainName = 'domain.com'
Feature = 'AD-Domain-Services'
DatabasePath = "C:\NTDS"
LogPath = "C:\NTDS"
SysvolPath = "C:\Sysvol"
ForestMode = 'WinThreshold'
DomainMode = 'WinThreshold'
IncludeAllSubFeature = $True
Ensure = 'Present'
}
MemberData = @{
DomainName = 'domain.com'
Address = '192.168.0.40'
InterfaceAlias = 'Ethernet'
AddressFamily = 'IPv4'
}
}
Then I have the config file and the DC part is good but I don’t know how to continue after xADGroup AddAdminToDomainAdminsGroup
node $AllNodes.Where{$_.Role -eq 'DC'}.NodeName {
$DCData = $Data.DCData
# Install the Windows Feature for AD DS
WindowsFeature ADDSInstall {
Ensure = $DCData.Ensure
Name = $DCData.Feature
}
# Make sure the Active Directory GUI Management tools are installed
WindowsFeature ADDSRSATTools {
Name = 'RSAT-ADDS'
Ensure = $DCData.Ensure
IncludeAllSubFeature = $DCData.IncludeAllSubFeature
DependsOn = "[windowsFeature]ADDSInstall"
}
WindowsFeature DNSTools {
Name = 'RSAT-DNS-Server'
DependsOn = '[WindowsFeature]ADDSRSATTools'
}
xADDomain FirstDC {
DomainName = $DCData.DomainName
DomainAdministratorCredential = $DomainAdministratorCredential
SafemodeAdministratorPassword = $SafemodeAdministratorCredential
DependsOn = "[windowsFeature]ADDSInstall","[WindowsFeature]DNSTools"
}
xWaitForADDomain DomainWait {
DomainName = $DCData.DomainName
DomainUserCredential = $DomainAdministratorCredential
RetryCount = $Node.RetryCount
RetryIntervalSec = $Node.RetryIntervalSec
DependsOn = '[xADDomain]FirstDC'
}
xADUser AdUser {
UserName = 'N'
Password = $ADUserCredential
DomainName = $DCData.DomainName
DisplayName = 'NM'
DomainAdministratorCredential = $DomainAdministratorCredential
DependsOn = '[xWaitForADDomain]DomainWait'
}
xADGroup AddAdminToDomainAdminsGroup {
GroupName = 'Domain Admins'
GroupScope = 'Global'
Category = 'Security'
MembersToInclude = 'N'
Credential = $DomainAdministratorCredential
DependsOn = '[xADUser]AdUser'
}
node $AllNodes.Where{$_.Role -eq 'Member'}.NodeName {
$MemberData = $Data.MemberData
xDNSServerAddress DNSSettings {
Address = $MemberData.Address
InterfaceAlias = $MemberData.InterfaceAlias
AddressFamily = $MemberData.AddressFamily
}
xComputer '192.168.0.41'
{
Name = 'S1'
DomainName = $MemberData.DomainName
Credential = $DomainAdministratorCredential
Dependson = "[WindowsFeature]ADDSInstall"
}
xComputer '192.168.0.42'
{
Name = 'S2'
DomainName = $MemberData.DomainName
Credential = $DomainAdministratorCredential
Dependson = "[WindowsFeature]ADDSInstall"
}
}
}
}
psps
October 2, 2018, 2:27pm
4
Hi guys,
I thought that this will be simple task for someone that is familiar with DSC. I cannot figure it out how to continue my script after domain is created. Can someone please help mw with this one? Once domain is created how to proceed with joining servers in node $AllNodes.Where{$_.Role -eq ‘Member’}.NodeName {
Or I am on wrong path
Thank you in advance.