As a Linux Sysadmin, you might still find yourself managing few Windows Servers.
In those situations, instead of using the Windows GUI for administration, you might find it interesting to install and configure Windows Services from command line.
In this tutorial, we’ll explain how to install AD (Active Directory) on Windows 2012 Core Servers using the following command line utilities.
There are two high-level steps to install AD. First, install the AD itself. Second, promote the server as domain controller.
You can install AD from server manager GUI interface as we explained earlier. But, if you are Linux sysadmin, you might find it interesting to use the command line utilities instead of GUI.
1. Get AD Service Name
To begin the AD installation from the command line, we need to know the exact name of the Active Directory Service that we should install.
First, execute the “get-windowsfeature” command from the Windows powershell.
This will list all windows server features as shown below. As you see from this list, the AD service name is “AD-domain-services”.
2. Install AD Domain Service
To install Active Directory from the command line, use the “install-windowsfeature” command as shown below.
C:\> Install-windowsfeature AD-domain-services
This command will extract all required binary files and start the AD installation.
After completing the Active Directory installation, it will display the result in a table format as shown below.
3. Import ADDSDeployment Module
To increase the server performance all modules and commands are not loaded by default in the server. We have to import the modules as per our requirement.
To continue our AD installation and configuration, we need ADDSDeployment module. Import this module as shown below using import-module powershell command.
C:\> Import-Module ADDSDeployment
4. Commands to Promote Server as Domain Controller
Next, promote your server as Domain controller based on your requirement using any one of the following commands.
|Add-ADDSReadOnlyDomainControllerAccount||Install read only domain controller|
|Install-ADDSDomain||Install first domain controller in a child or tree domain|
|Install-ADDSDomainController||Install additional domain controller in domain|
|Install-ADDSForest||Install first domain controller in new forest|
|Test-ADDSDomainControllerInstallation||Verify prerequisites to install additional domain controller in domain|
|Test-ADDSDomainControllerUninstallation||Uninstall AD service from server|
|Test-ADDSDomainInstallation||Verify prerequisites to install first domain controller in a child or tree domain|
|Test-ADDSForestInstallation||Install first domain controller in new forest|
|Test-ADDSReadOnlyDomainControllerAccountCreation||Verify prerequisites to install Read only domain controller|
|Uninstall-ADDSDomainController||Uninstall the domain contoller from server|
5. Install First Domain Controller in Forest
In this example, we are installing the first domain controller in forest.
To install the Active directory with default configuration, execute “Install-AddsForest” command:
To install the Active directory with customized options, pass the appropropriate parameters as shown below. IN this example, we are setting several configuration parameters for our AD including the DomainName.
C:\> Install-ADDSForest -CreateDnsDelegation:$false ` -DatabasePath "C:\Windows\NTDS" ` -DomainMode "Win2012R2" ` -DomainName "thegeekstuff.com" ` -DomainNetbiosName "THEGEEKSTUFF" ` -ForestMode "Win2012R2" ` -InstallDns:$true ` -LogPath "C:\Windows\NTDS" ` -NoRebootOnCompletion:$false ` -SysvolPath "C:\Windows\SYSVOL" ` -Force:$true
6. Complete the AD Installation
Finally, this will prompt for SafeModeAdministratorPassword. This password is for the Directory Services Restore Mode (DSRM).
Set your DSRM password here, which will finish the AD installation and configuration on your Windows Server using the command line utilities.