Skip to content

Latest commit

 

History

History
176 lines (146 loc) · 4.04 KB

AddsDomain.adoc

File metadata and controls

176 lines (146 loc) · 4.04 KB

DSC Resource 'AddsDomain'

AddsDomain creates a new domain in a new forest or a child domain in an existing forest.

Source

DSC Resource

Documentation
Table 1. Attributes of category 'AddsDomain'
Parameter Attribute DataType Description Allowed Values

DomainFQDN

Mandatory

String

The fully qualified domain name (FQDN) of a new domain. If setting up a child domain this must be set to a single-label DNS name.

DomainName

Mandatory

String

NetBIOS name for the new domain.
Prerequisite for [dscyml_addsorgunitsandgroups], [dscyml_addsdomainusers_users]

DomainTrust

Hashtable

The DomainTrust resource will manage Bidirectional Forest Domain Trusts.

DomainDn

String

Distinguished Name (DN) of the domain.

Prerequisite for [dscyml_addsorgunitsandgroups_groups]

DomainJoinAccount

PSCredential

Placeholder to be able to store domain join account in the yaml files.

DomainAdministrator

PSCredential

Specifies the user account credentials to use to perform this task.

SafeModeAdministratorPassword

PSCredential

Password for the administrator account when the computer is started in Safe Mode.

DatabasePath

String

Path to a directory that contains the domain database.

Default: C:\Windows\NTDS

LogPath

String

Path to a directory for the log file that will be written.

Default: C:\Windows\Logs

SysvolPath

String

Path to a directory where the Sysvol file will be written.

Default: C:\Windows\SYSVOL

ForestMode

String

The Forest Functional Level for the entire forest.

  • Win2008

  • Win2008R2

  • Win2012

  • Win2012R2

  • WinThreshold (default)

ForceRebootBefore

Boolean

Force reboot before creating the new AD domain.

Note

Only one reboot after first start of a DSC configuration is supported.
To re-enable the system reboot feature the registry key value RebootBefore_ADDomain at HKLM:\SOFTWARE\DSC Community\CommonTasks\RebootRequests must be deleted.

  • False (default)

  • True
Table 2. Attributes of category 'AddsDomain/DomainTrust'
Parameter Attribute DataType Description Allowed Values

Fqdn

Mandatory

String

The fully qualified domain name (FQDN) of a trusted domain.

Name

Mandatory

String

Name of the domain trust.

Credential

Mandatory

pscredential

Specifies the credentials to authenticate to the target domain.
Example
AddsDomain:
  DomainFqdn: contoso.com
  DomainName: contoso
  DomainDN: DC=contoso,DC=com
  DomainJoinAccount: '[ENC=PE9ianMgVm...=]'
  DomainAdministrator: '[ENC=PE9ianMgVmVyc2l...=]'
  SafeModeAdministratorPassword: '[ENC=PE9ianMgVmVyc2lvbj...=]'
  DatabasePath: C:\Windows\NTDS
  LogPath: C:\Windows\Logs
  SysvolPath: C:\Windows\SYSVOL
  ForestMode: Win2012R2
  ForceRebootBefore: True
  DomainTrust:
    Fqdn: northwindtraders.com
    Name: northwindtraders
    Credential: '[ENC=PE9ianMgVmVyc2lvbj0i...=]'