DSC – The Simplest Domain Controller config, ever

IntroToDsc

This post is part of the Learning PowerShell DSC Series, here on FoxDeploy. Click the banner to return to the series jump page!


I’ve been pointing people to my series on DSC for a while now, and noticed that my instructions were not 100% accurate, plus I was sending people all over the web to download the needed files to build a Domain Controller using DSC. So, in this post, I’ll provide much simpler instructions to deploying a one-click domain controller.

I’ve also provided some custom versions of the DSC Resources used in this post, which include some code fixes not yet available on the PowerShell Gallery today.

To avoid heart-ache, I would strongly encourage you to use the copies I’m providing with this post.

 

DSC

  • First and foremost, download a .zip of the full repo here
  • Now, make sure you have a Windows Server machine ready, running WMF 5.0. If you need it, download it here
  • VM Configuration: The VM should have two network adapters.
  • The first one should be internal (that is to say facing the VMs where you’d like this DC to be accessible) and once the script completes, you’ll have working DHCP and DNS on this vSwitch.
  • The second vNic should be external, if desired. DNS and DHCP will not be provided on this connection.
  • Create a new Administrator on this machine. The Admin which you use to run this process becomes the first Domain Administrator in your new Domain.
  • Next, extract this to your new Domain Controller to be, under C:\temp.
  • Copy all of the xModuleName folders into $env:ProgramFiles\WindowsPowerShell\Modules on your VM
  • From an Administrative PowerShell prompt, run the below command to unblock all files downloaded.
dir -recurse -path $env:ProgramFiles\WindowsPowerShell\Modules | Unblock-File 

Now, simply launch OneClickDSC.ps1 in PowerShell, and click the Play button (or hit F5), to launch the GUI.

You only have to provide two values.  On the left, if you choose to, you can rename your computer.  If you choose to do so, you’ll have to reboot before you can complete DSC Application.  But DSC will continue after the reboot, so there’s really no worry.

On the right side of the screen, simply type in the domain name for your new Domain.  You’ll then be prompted for credentials.

IntroToDsc

This prompt is a little bit nonstandard. See, DSC will run a check for DSC consistency regularly, and it will do so using the values you type in on the credentials prompt as the DSC Admin account.

What’s going to happen is that our current account will be elevated to domain admin and when DSC runs this check again for consistency, it will use the credentials we specify here.

Important warning!!!! Make sure to specify your username as NewDomainName\CurrentUserName.  

So, if you’re making Domain Ham, and your name is Bacon, then login as Ham\Bacon.

IntroToDsc

That’s it

First step for application, is to change the computer’s name. This requires a reboot. So…reboot.

IntroToDsc

On restart, we can run the following commands to watch the rest of the DSC Application

#Pause the last application
Stop-DSCConfiguration -Force
#Resume so we can watch it
Start-DscConfiguration -ComputerName localhost -Wait -Force -Verbose -UseExisting

Now, if you diverged from using my copy of the DSC resources, you may run into an error, specifically w/ the computername module, around specifying a name for a Computer, without specifying a domain name. This is an open issue in GitHub right now, so hopefully the problem will be resolved soon, but for now, the copy you’ll get w/ this blog post has the proposed fix to the issue.

And…we’re done when we see this screen!

IntroToDsc

So, I hope this clears up the questions people were asking about how to use this ‘OneClick Domain Controller’.

My next plan is to add SQL support and the prerequisites for SCCM. And then we’ll work up to a one-click ConfigMgr install!

Advertisements

One thought on “DSC – The Simplest Domain Controller config, ever

  1. svangulick January 22, 2016 / 10:49 am

    This is really neat! Great work Stephen!

Have a code issue? Share your code by going to Gist.github.com and pasting your code there, then post the link here!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s