This article explains how to install a new domain forest on Windows Server Core, or in the Windows Server CLI (Command Line Interpreter). I will not discuss any other option for RODCs, existing domains, child domains, and so on… there are a plethora of articles out there that describe those already.
It astounded me the first (several) times I tried to create a new domain using Windows Server Core installations as my first domain controller in the forest. There are, I should mention, copious articles on creating additional DCs in an existing domain, but I have not come across too many (any?) that explained creating the FIRST… i.e.: creating the forest FOR the trees 
This evening Steve Syfuhs and I sat down and attempted to do just that. Actually our original intentions had very little to do with that, but as we discovered along the way we would have two choices:
- Create a new physical server with Windows Server 2008 FULL install, create a new domain on GUI mode, join our Server Core machine to that domain, promote it to Domain Controller, transfer all Operations Master Roles to the Server Core machine, and continue on; or
- Figure out once and for all how to create our domain in Server Core.
I should point out that between us we read several dozen articles (including some written by some very reputable IT Pros) that CLAIMED that it was possible, but none that elaborated.
So we started clawing our way through the tidbits we gleaned from various sources and came up with the following unattend file that did the job:
[DCInstall]
InstallDNS=yes
NewDomain=forest
NewDomainDNSName=swmi.ca
DomainNetBiosName=SWMI
SiteName=Default-First-Site-Name
ReplicaOrNewDomain=domain
ForestLevel=3
DomainLevel=3
DatabasePath="%systemroot%ntds"
LogPath="%systemroot%ntds"
RebootOnCompletion=yes
SYSVOLPath="%systemroot%sysvol"
SafeModeAdminPassword=Pa$$w0rd
InstallDNS=yes
NewDomain=forest
NewDomainDNSName=swmi.ca
DomainNetBiosName=SWMI
SiteName=Default-First-Site-Name
ReplicaOrNewDomain=domain
ForestLevel=3
DomainLevel=3
DatabasePath="%systemroot%ntds"
LogPath="%systemroot%ntds"
RebootOnCompletion=yes
SYSVOLPath="%systemroot%sysvol"
SafeModeAdminPassword=Pa$$w0rd
Now: Once the file was created we put it in the root of C: on the server core machine, and typed the following command:
dcpromo /unattend:c:unattend.txt
The next user interaction was (after a reboot) a logon prompt for the SWMIAdministrator account.
I hope this helps the next group of IT Post trying to claw their way through the process… Creating AD Forests and Domains is something I have done a thousand times but always in GUI mode; from now on I can do it either way… and so can you!
No comments:
Post a Comment