Fed up with clicks on Windows ? Try some PowerShell scripts instead. With fewer clicks and more settings, you can create and manage stronger your infrastructure.

Let's start. This post will help you to create an Active Directory forest with the following components:

  • A domain named HOMELAB.LOCAL
  • A domain controller named brouette
  • Five organizational units (OUs): INTERNAL, groupes, projets, utilisateurs, and serveurs
  • A global group named admins_lab

The script first creates the necessary folders and installs the Active Directory Domain Services role on the server. Next, it tests if the role "ADDS" is installed - if not, it installs the ADDSDeployment module and uses the Install-ADDSForest cmdlet to create the forest. Finally, it creates OUs and the global group.

To run the script, save the content to a ".ps1" file and then run it from an elevated PowerShell prompt.

Here are some additional tips for creating and managing Active Directory with PowerShell:

  • The New-ADOrganizationalUnit cmdlet can be used to create OUs. The -Name parameter specifies the name of the OU, and the -Path parameter specifies the parent OU of the new OU.
  • The New-ADGroup cmdlet can be used to create groups. The -Name parameter specifies the name of the group, the -Description parameter specifies a description of the group, and the -GroupScope parameter specifies the scope of the group.

For more information on Active Directory and PowerShell, please see the following resources:

Here is the script:

<#
.SYNOPSIS
Ce script PowerShell installe le rôle Active Directory Domain Services et configure certaines unités organisationnelles et groupes.

.DESCRIPTION
Ce script effectue les étapes suivantes :
1. Vérifie si le rôle Active Directory Domain Services est déjà installé.
2. Installe le rôle Active Directory Domain Services si nécessaire.
3. Configure les unités organisationnelles et les groupes requis.

.NOTES
Auteur : Julien HOMMET
Date de création : 08/2023
Version : 1.0

.EXAMPLE
.\Install-ADRole.ps1
Exécute le script pour installer Active Directory et configurer les éléments nécessaires.
#>

# Variables
$ComputerName = "brouette"
$DomainNetbiosName = "HOMELAB"
$DomainFQDN = "$DomainName.local"
$LogPath = "C:\Logs\Install-ADDS.log"

mkdir C:\Logs

$ADInstalled = Get-WindowsFeature -Name AD-Domain-Services -ErrorAction SilentlyContinue

if ($ADInstalled.Installed) {
    Write-Host "Le rôle Active Directory Domain Services est déjà installé."
} else {
    # Installer le rôle Active Directory
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools -LogPath $LogPath

    # Vérifier si l'installation s'est déroulée avec succès
    if ($?) {
        Write-Host "Active Directory Domain Services a été installé avec succès."
        
        # Configuration d'Active Directory
        Import-Module ADDSDeployment
        Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\Windows\NTDS" -DomainMode "WinThreshold" `
        -DomainName $DomainFQDN -DomainNetbiosName $DomainNetbiosName -ForestMode "WinThreshold" -InstallDns:$true `
        -LogPath $LogPath -NoRebootOnCompletion:$false -SysvolPath "C:\Windows\SYSVOL" -Force:$true

        # Créer des unités organisationnelles
        $InternalOUPath = "OU=INTERNAL,DC=HOMELAB,DC=LAB,DC=LOCAL"
        New-ADOrganizationalUnit -Name "INTERNAL" -Path $InternalOUPath
        New-ADOrganizationalUnit -Name "groupes" -Path $InternalOUPath
        New-ADOrganizationalUnit -Name "projets" -Path $InternalOUPath
        New-ADOrganizationalUnit -Name "utilisateurs" -Path $InternalOUPath
        New-ADOrganizationalUnit -Name "serveurs" -Path $InternalOUPath

        # Créer un groupe
        $GroupsOUPath = "OU=groupes,$InternalOUPath"
        New-ADGroup -Name "admins_lab" -Description "Administrateurs du lab" -GroupScope Global -Path $GroupsOUPath

        Write-Host "Le script s'est exécuté avec succès."
    } else {
        Write-Host "L'installation d'Active Directory a échoué."
    }
}

Feel free to use and modify it ! Don't forget to reboot the server afterward...

Partager l'article