≡ Menu

How to Install Windows Active Directory from PowerShell Command Line

by on December 9, 2014

As a Linux Sysadmin, you might still find yourself managing few Windows Servers.

In those situations, instead of using the Windows GUI for administration, you might find it interesting to install and configure Windows Services from command line.

In this tutorial, we’ll explain how to install AD (Active Directory) on Windows 2012 Core Servers using the following command line utilities.

  • install-windowsfeature
  • import-module
  • install-addsforest


There are two high-level steps to install AD. First, install the AD itself. Second, promote the server as domain controller.

You can install AD from server manager GUI interface as we explained earlier. But, if you are Linux sysadmin, you might find it interesting to use the command line utilities instead of GUI.

1. Get AD Service Name

To begin the AD installation from the command line, we need to know the exact name of the Active Directory Service that we should install.

First, execute the “get-windowsfeature” command from the Windows powershell.

AD Get-WindowsFeature Command

This will list all windows server features as shown below. As you see from this list, the AD service name is “AD-domain-services”.

AD Get-WindowsFeature Command Output

2. Install AD Domain Service

To install Active Directory from the command line, use the “install-windowsfeature” command as shown below.

C:\> Install-windowsfeature AD-domain-services

This command will extract all required binary files and start the AD installation.

After completing the Active Directory installation, it will display the result in a table format as shown below.

AD Install-WindowsFeature Command

3. Import ADDSDeployment Module

To increase the server performance all modules and commands are not loaded by default in the server. We have to import the modules as per our requirement.

To continue our AD installation and configuration, we need ADDSDeployment module. Import this module as shown below using import-module powershell command.

C:\> Import-Module ADDSDeployment

4. Commands to Promote Server as Domain Controller

Next, promote your server as Domain controller based on your requirement using any one of the following commands.

Command Description
Add-ADDSReadOnlyDomainControllerAccount Install read only domain controller
Install-ADDSDomain Install first domain controller in a child or tree domain
Install-ADDSDomainController Install additional domain controller in domain
Install-ADDSForest Install first domain controller in new forest
Test-ADDSDomainControllerInstallation Verify prerequisites to install additional domain controller in domain
Test-ADDSDomainControllerUninstallation Uninstall AD service from server
Test-ADDSDomainInstallation Verify prerequisites to install first domain controller in a child or tree domain
Test-ADDSForestInstallation Install first domain controller in new forest
Test-ADDSReadOnlyDomainControllerAccountCreation Verify prerequisites to install Read only domain controller
Uninstall-ADDSDomainController Uninstall the domain contoller from server

5. Install First Domain Controller in Forest

In this example, we are installing the first domain controller in forest.

To install the Active directory with default configuration, execute “Install-AddsForest” command:

C:\> Install-AddsForest

To install the Active directory with customized options, pass the appropropriate parameters as shown below. IN this example, we are setting several configuration parameters for our AD including the DomainName.

C:\> Install-ADDSForest
 -CreateDnsDelegation:$false `
 -DatabasePath "C:\Windows\NTDS" `
 -DomainMode "Win2012R2" `
 -DomainName "thegeekstuff.com" `
 -DomainNetbiosName "THEGEEKSTUFF" `
 -ForestMode "Win2012R2" `
 -InstallDns:$true `
 -LogPath "C:\Windows\NTDS" `
 -NoRebootOnCompletion:$false `
 -SysvolPath "C:\Windows\SYSVOL" `
 -Force:$true

6. Complete the AD Installation

Finally, this will prompt for SafeModeAdministratorPassword. This password is for the Directory Services Restore Mode (DSRM).

Set your DSRM password here, which will finish the AD installation and configuration on your Windows Server using the command line utilities.

AD Install-ADDSForest Command
Add your comment

If you enjoyed this article, you might also like..

  1. 50 Linux Sysadmin Tutorials
  2. 50 Most Frequently Used Linux Commands (With Examples)
  3. Top 25 Best Linux Performance Monitoring and Debugging Tools
  4. Mommy, I found it! – 15 Practical Linux Find Command Examples
  5. Linux 101 Hacks 2nd Edition eBook Linux 101 Hacks Book

Bash 101 Hacks Book Sed and Awk 101 Hacks Book Nagios Core 3 Book Vim 101 Hacks Book

Tagged as: , , , , , , , ,

Comments on this entry are closed.

  • Ram December 10, 2014, 4:29 am

    Q: Why user create in /home directory ?

  • Arun December 12, 2014, 3:26 am

    I am using Windows XP and I installed powershell . But the command get-windowsfeature didn’t get wored . Idon’t know why ?

  • satheesh December 20, 2014, 6:00 am

    Hi Ram,

    In windows you can run the commands in all directory, So I ran commands in my home directory, but it will install in “C:\windows”.

    Quetion

  • Anthony Datu December 20, 2014, 3:48 pm

    Hi Ramesh,

    My question might be off topic, but do you happen to know if DBI-LDAP module works in Active Directory?

    Thanks,
    Anthony

  • Matthias June 6, 2015, 6:15 am

    Hello,
    if i entered the command i will aksed after the DSRM Password. If i had entered the first and press enter i get an error message “no positionparameter to accept SafeModeAdministratorPassword”.

    What have i do wrong?

    Thanks for your help

Next post:

Previous post:

RSS  |  Email  |  Twitter  |  Facebook



EBOOKS

POPULAR POSTS

CATEGORIES

Copyright © 2008–2023 Ramesh Natarajan. All rights reserved | Terms of Service