Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Build Domain Controller for a DSC Demo
$ConfigData =@{
AllNodes = @(
@{NodeName = 'localhost';
PSDSCAllowPlainTextPassword = $True
}
)
}
Configuration BuildDC{
Param(
[parameter(Mandatory=$True)]
[ValidateNotNullorEmpty()]
[string]$NodeName,
[parameter(Mandatory=$True)]
[ValidateNotNullorEmpty()]
[string]$ComputerName,
[parameter(Mandatory=$True)]
[ValidateNotNullorEmpty()]
[string]$Domain,
[parameter(Mandatory=$True)]
[ValidateNotNullorEmpty()]
[string]$IP,
[parameter(Mandatory=$True)]
[ValidateNotNullorEmpty()]
[string]$Gateway,
[parameter(Mandatory=$True)]
[ValidateNotNullorEmpty()]
[string]$Subnet
#[pscredential]$DomainAdminCred,
#[pscredential]$SafeModeAdminCred
)#Param
#unsecure, not safe or recommended way to do this
$Creds = ConvertTo-SecureString "Passw0rd!" -AsPlainText -Force
$DomainAdminCred = New-Object System.Management.Automation.PSCredential ("Administrator", $Creds)
$SafeModeAdminCred = New-Object System.Management.Automation.PSCredential ("Administrator", $Creds)
Import-DscResource -ModuleName xActiveDirectory,xNetworking,xComputerManagement,xPendingReboot,xSystemSecurity,xRemoteDesktopAdmin,xTimeZone,xWinEventLog
Node $NodeName{
LocalConfigurationManager{
RebootNodeifNeeded = $True
}
xComputer RenameDC{
Name = $ComputerName
}
File Scripts{
Ensure = "Present"
Type = "Directory"
DestinationPath = "C:\Scripts"
}
xIEESC SetAdminIEESC{
UserRole = "Administrators"
IsEnabled = $False
}
xUAC UAC{
Setting = "NeverNotifyAndDisableAll"
}
xTimeZone ServerTime{
TimeZone = "Central Standard Time"
}
xRemoteDesktopAdmin RemoteDesktopSettings
{
Ensure = 'Present'
UserAuthentication = 'Nonsecure'
}
xIPAddress SiteDCIP{
IPAddress = $IP
DefaultGateway = $Gateway
SubnetMask = $Subnet
AddressFamily = "IPv4"
InterfaceAlias = "Ethernet"
DependsOn = "[File]Scripts"
}
WindowsFeature AD-Domain-Services {
Ensure = "Present"
Name = "AD-Domain-Services"
DependsOn = "[xIPAddress]SiteDCIP"
}
WindowsFeature RSAT-AD-AdminCenter {
Ensure = "Present"
Name = "RSAT-AD-AdminCenter"
}
WindowsFeature RSAT-ADDS {
Ensure = "Present"
Name = "RSAT-ADDS"
}
WindowsFeature RSAT-AD-PowerShell {
Ensure = "Present"
Name = "RSAT-AD-PowerShell"
}
WindowsFeature RSAT-AD-Tools {
Ensure = "Present"
Name = "RSAT-AD-Tools"
}
WindowsFeature RSAT-Role-Tools {
Ensure = "Present"
Name = "RSAT-Role-Tools"
}
WindowsFeature Telnet-Client{
Ensure = "Present"
Name = "Telnet-Client"
}
Service ADDomainWebServices{
State = "Running"
StartupType = "Automatic"
BuiltInAccount = "LocalSystem"
Name = "ADWS"
}
xADDomain BuildSiteDC{
DomainAdministratorCredential = $DomainAdminCred
SafeModeAdministratorPassword = $SafeModeAdminCred
DomainName = $Domain
DependsOn = "[WindowsFeature]AD-Domain-Services","[Service]ADDomainWebServices"
}
xPendingReboot PostDomainDeploy{
Name = "Test for reboot after building a domain"
}
xDNSServerAddress DCDNS{
Address = $IP
InterfaceAlias = "Ethernet"
AddressFamily = "IPv4"
DependsOn = "[xPendingReboot]PostDomainDeploy"
}
xWinEventLog DirectoryService{
LogName = "Directory Service"
DependsOn = "[xDNSServerAddress]DCDNS"
LogMOde = "Circular"
MaximumSizeInBytes = 16MB
}
}#Node
}#Configuration
BuildDC -NodeName localhost -Domain YourDomain.com -IP $SomeIP -Gateway $SomeGateway -Subnet 24 -OutputPath C:\Scripts\BuildDC -ConfigurationData $ConfigData -ComputerName $YourComputerName
Set-DscLocalConfigurationManager -Path $YourPath
Get-DSCLocalConfigurationManager
Start-DscConfiguration -Wait -Force -Verbose -Path $YourPath
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment