forked from dsccommunity/ActiveDirectoryDsc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
5-ADDomainController_AddDomainControllerAndMoveRole_Config.ps1
76 lines (65 loc) · 2.28 KB
/
5-ADDomainController_AddDomainControllerAndMoveRole_Config.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<#PSScriptInfo
.VERSION 1.0.1
.GUID 5ef6db28-ed7b-474e-aabf-7480d2730d36
.AUTHOR DSC Community
.COMPANYNAME DSC Community
.COPYRIGHT DSC Community contributors. All rights reserved.
.TAGS DSCConfiguration
.LICENSEURI https://github.com/dsccommunity/ActiveDirectoryDsc/blob/main/LICENSE
.PROJECTURI https://github.com/dsccommunity/ActiveDirectoryDsc
.ICONURI https://dsccommunity.org/images/DSC_Logo_300p.png
.RELEASENOTES
Updated author, copyright notice, and URLs.
#>
#Requires -Module ActiveDirectoryDsc
<#
.DESCRIPTION
This configuration will add a domain controller to the domain
contoso.com, and when the configuration is enforced it will
move the Flexible Single Master Operation (FSMO) role
'RIDMaster' from the current owner to this domain controller.
#>
Configuration ADDomainController_AddDomainControllerAndMoveRole_Config
{
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[System.Management.Automation.PSCredential]
$Credential,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[System.Management.Automation.PSCredential]
$SafeModePassword
)
Import-DscResource -ModuleName PSDesiredStateConfiguration
Import-DscResource -ModuleName ActiveDirectoryDsc
node localhost
{
WindowsFeature 'InstallADDomainServicesFeature'
{
Ensure = 'Present'
Name = 'AD-Domain-Services'
}
WindowsFeature 'RSATADPowerShell'
{
Ensure = 'Present'
Name = 'RSAT-AD-PowerShell'
DependsOn = '[WindowsFeature]InstallADDomainServicesFeature'
}
WaitForADDomain 'WaitForestAvailability'
{
DomainName = 'contoso.com'
Credential = $Credential
DependsOn = '[WindowsFeature]RSATADPowerShell'
}
ADDomainController 'DomainControllerMinimal'
{
DomainName = 'contoso.com'
Credential = $Credential
SafeModeAdministratorPassword = $SafeModePassword
FlexibleSingleMasterOperationRole = @('RIDMaster')
DependsOn = '[WaitForADDomain]WaitForestAvailability'
}
}
}