Unattended installation of a Domain Controller

So far I’ve written about the Homelab hardware I’ve purchased and some basic configurations for my Storage and XenServers. And with the post on Sysprepping a Windows 2008 Server, I’m ready to build my Windows 2008 Test environment. With a (sysprepped) Windows 2008 Template for my VMs, I can easily clone the needed Servers and get my lab up and running and build a Windows Domain with multiple Servers and ServerRoles.

The first step in building my Windows Domain is to convert a Windows Server 2008 Member Server into a Domain Controller with the dcpromo.exe command.

 

This post is my own personal mental note for the unattended installation of my Windows Server 2008 Domain Controllers.

 

Unattended install of your Domain Controllers

Building your first Windows Server 2008 Domain Controller is a matter of using the dcpromo.exe command which Microsoft provides. You can run though the configuration wizard it automatically starts or you can decide to use an answerfile.

 

Running the dcpromo.exe command

The dcpromo.exe command is used to build your first Domain Controller (and Domain) as well as having additional Domain Controllers join an existing Domain. The commandline, when using an answerfile, is the same however.

* Running dcpromo.exe with an answerfile:

%WINDIR%\system32\dcpromo.exe /Answer:"[answerfile-path]"

 
Which uses the following additional syntax:

  • answerfile-path: The absolute path off the answerfile to be used with the command.

 

Answerfiles for the Domain Controllers

The content of your answerfile for the first Domain Controller needs to contain all the information to create a new Domain.

* first DC AnswerFile:


[DCInstall]
InstallDNS=yes
NewDomain=forest
NewDomainDNSName=[domain-name].[domain-dns-suffix]
DomainNetBiosName=[domain-name]
ReplicaOrNewDomain=Domain
ForestLevel=[domain-forest-level]
DatabasePath=[adds-db-path]
LogPath=[adds-log-path]
SYSVOLPath=[adds-sysvol-path]
SafeModeAdminPassword=[safemode-admin-password]
DNSOnNetwork=No
RebootOnCompletion=yes

 
Which uses the following additional syntax:

  • domain-name: The NetBIOS name for the new Domain.
  • domain-dns-suffix: The DNS suffix the new Domain will be using.
  • domain-forest-level: The functional level of the Domain Forest. 0=Windows 2000, 2=Windows 2003, 3=Windows 2008.
  • adds-db-path: The path for the AD DS database.
  • adds-log-path: The path for the AD DS logfiles.
  • adds-sysvol-path: The path for the AD DS SYSVOL.
  • safemode-admin-password: The password used in DS Restore Mode.

 

The content of your answerfile for the additional Domain Controllers needs to contain all the information to join an existing Domain.

* additional DC AnswerFile:

[DCInstall]
UserName=$[domain-admin-username]
UserDomain=$[domain-name]
Password=$[domain-admin-password]
ReplicaOrNewDomain=Replica
ReplicaDomainDNSName=$[domain-name].$[domain-dns-suffix]
ReplicationSourceDC=$[domain-replication-source]
DatabasePath=$[adds-db-path]
LogPath=$[adds-log-path]
SYSVOLPath=$[adds-sysvol-path]
InstallDNS=Yes
ConfirmGC=Yes
DNSOnNetwork=Yes
SafeModeAdminPassword=$[safemode-admin-password]
RebootOnCompletion=yes

 
Which uses the following additional syntax:

  • domain-admin-username: The Name of the useraccount the will be used to run the dcpromo command.
  • domain-admin-password: The Password of the useraccount.
  • domain-name: The NetBIOS name for the Domain that will be joined (and the useraccount is a member off).
  • domain-dns-suffix: The DNS suffix the new Domain will be using.
  • domain-replication-source: The Domain Controller that will be used as a source for replication of the Domain information.
  • adds-db-path: The path for the AD DS database.
  • adds-log-path: The path for the AD DS logfiles.
  • adds-sysvol-path: The path for the AD DS SYSVOL.
  • safemode-admin-password: The password used in DS Restore Mode.

 

A reboot is always required to complete a change in an AD DS role.
 

 

 

virtuEs Administrator
After finishing my Master of Science in Computer Science, I started working in the IT consultancy business in 1997. I've learned different diciplines, like web development, database administration, server administration and specialized in Server Based Computing solutions in 2007. Nowadays I'm designing new IT infrastructures as a Citrix Architect, specializing in Virtualization solutions.