This helpful little document explains how to configure Windows Server 2012 using PowerShell and how to install Active Directory.
Obviously none of the commands work as described (or in that order).
So follows my guide for Windows Server 2012.
*** System Preparation ***
Downloads the missing PowerShell help files. Do this before you clone the computer. Also see the first command of the next region, Starting PowerShell, for something you better do before cloning the computer.
Resets the SID to give the computer a new identity. This is needed if the computer is a VM and a clone of another computer. Use the "Generalize" option.
rename-computer hal9000 -restart
Names the computer HAL9000 like in the movie and restarts the computer.
*** Starting PowerShell ***
In Server Core mode, type the following into the command line window visible on the desktop:
start powershell -windowstyle maximized
This will start PowerShell in a fairly big window. I recommend echoing this line into c:\ps.cmd. Use cmd rather than PowerShell for echoing lines into a file.
In a GUI mode, start PowerShell from Server Manager (Tools -> Windows PowerShell).
To restart the computer, type
This restarts the computer. Use stop-computer to shut down the computer.
*** Switching between Server Core (command line) and Graphical User Interface modes ***
Basically… run (the remove-windowsfeature commands below).
Shows currently installed Windows features. Pump through more command to see page by page.
Removes generic (non-server-related) graphical user interface tools (like the Server Manager) and the Windows Server 2012 Start Screen.
Removes all graphical user interface tools (excluding the window manager and some tools like Notepad).
$source = “d:\sources\sxs”
Stores a path to the second image represented by install.wim in $source. Use $source as argument for the -source parameter in the commands below. Add the -source $source parameter if your server is connected to the Internet and you want to make sure that it downloads features from the Windows DVD and not Windows Update somewhere on the net. (Windows Server 2012)
Note that this was apparently too simple and for Windows Server 2012 R2, you need to do this instead:
get-windowsimage -imagepath d:\sources\install.wim
This is the first step in ensuring that Windows actually installs Windows features from the DVD rather than downloading them via the slowest possible network it has access to (i.e. the Internet). Make a note of the Index of the distribution of Windows you are using.
$source = “wim:d:\sources\install.wim:2”
Stores a path to the second image represented by install.wim in $source. Use $source as argument for the -source parameter in the commands below. Add the -source $source parameter if your server is connected to the Internet and you want to make sure that it downloads features from the Windows DVD and not Windows Update somewhere on the net. (Windows Server 2012 R2)
Installs server-related graphical user interface tools (i.e. the Server Manager). This also installs wow64-support which it apparently requires, although Server Manager appears to be a 64 bit program.
Installs the entire graphical user interface (sans "Desktop Experience" which can be installed via add-windowsfeature desktop-experience if required for Remote Desktop users). This also installs wow64-support.
Removes Windows-on-Windows 64, the subsystem for running 32 bit (x86) applications. If this is needed we can re-install it by commanding add-windowsfeature wow64-support in a stern voice (in a PowerShell command line).
I will be assuming that we are running in Server Core mode or are using PowerShell for some other reason from here on.
Finally, you can change the screen resolution from PowerShell with
set-displayresolution 1024 768
Sets the screen resolution on Server Core to a width of 1024 pixels and a height of 768 pixels. That's 768432 pixels for you!
*** Configuring a network adapter ***
Gets a list of network adapters with interface aliases listed. We need the interface alias for the adapter to which we assigned an IP address. Let's say its name is "ethernet", which is likely.
new-netipaddress 192.168.10.10 -prefixlength 24 -defaultgateway 192.168.10.1 -interfacealias ethernet
Configured an IP addres 192.168.10.10/24 and a default gateway 192.168.10.1 for interface ethernet.
set-dnsclientserveraddress ethernet -serveraddresses 192.168.10.2
This sets the DNS servers (in this case one: 192.168.10.2, which I arbitrarily chose for this example). Note that for all servers in a domain the domain controller should be the DNS server used for this command.
*** Installing Active Directory and configuring a domain controller ***
Setting up Active Directory requires configuring DNS in the domain. This will be done on the domain controller here.
This command installs Active Directory and DNS.
install-addsforest -domainname example.com
This creates a new forest and a new domain named "example.com" and makes the current server a domain controller.
install-addsdomain -newdomainname ludwig -parentdomainname example.com -credential (get-credential example\administrator) -domaintype childdomain
This creates a new domain "ludwig.example.com" as a daughter domain to "example.com" and makes the current server a domain controller.
add-dnsserverprimaryzone example.com -zonefile example.com.dns
This creates a DNS primary zone.
add-dnsserverprimaryzone -networkid 10.168.192.in-addr.arpa -zonefile 10.168.192.in-addr.arpa.dns
This creates a "DNS Reverse Lookup Zone". Apparently that is important. Note that this is a reverse lookup zone for the network 192.168.10.0/24 or 192.168.10. The network address bytes are reversed. I have no idea how to create a DNS Reverse Lookup Zone for odd networks (i.e. those with a netmask not based on byte boundaries).
install-addsdomaincontroller -domain ludwig
Makes the current server a domain controller for the domain ludwig.
Removes domain controller functionality from the computer and deletes the domain if this is the last domain controller and the forest if this is the last domain.
Creates a new user named "superman" in the current domain.
set-adaccountpassword superman -reset
Will ask for the new password for the account superman. Without the -reset switch the command would ask for the existing password which for a new user is empty.
set-aduser superman -givenname Clark -surname Kent
Sets the given name and surname for user superman.
Returns the user superman with all information added above (except the password).
*** Adding a server to a domain ***
Recall that a computer's name can be changed by commanding
This will rename the current computer HAL9001.
Add the computer to a domain by claiming that
This will add the current computer to the domain ludwig.
Removes the computer from the domain. You can add switches -force -restart to automate what follows.
Finally, a domain user should be allowed to use this computer.
net localgroup administrators
This command shows the members of the local (to the computer) administrators group.
net localgroup administrators /add ludwig\superman
This commands makes the domain user ludwig\superman an administrator on the current computer. Use these commands with different group names if you want to add domain users to different local groups.
Installs the Active Directory configuration tools. Use this on servers you want to use for AD administration.
Continue with Installing SQL Server 2012.