PowerShell script om Windows Server 2019 of 2022 in te stellen als een Domain Controller
LET OP: Zet dit script in C:\Scripts\ van de VM.
Auteur: Marcel Runte
Datum: 01-2024
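# Run the script as Administrator: when the current token is not in the local
# Administrators role, start an elevated copy and end this instance.
$currentPrincipal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
if (-not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    # The working directory and the script path are placed inside single-quoted
    # literals in the -Command text. Doubling every apostrophe keeps a path that
    # contains one from closing the literal early and changing what the
    # elevated process executes.
    $elevatedWorkDir = "$pwd" -replace "'", "''"
    $elevatedScript  = "$PSCommandPath" -replace "'", "''"
    # NOTE(review): -ExecutionPolicy Bypass switches off the script signing
    # policy for the elevated run; whoever can write to the script file decides
    # what runs as Administrator, so keep its folder writable by admins only.
    Start-Process PowerShell -Verb RunAs "-NoProfile -ExecutionPolicy Bypass -Command `"cd '$elevatedWorkDir'; & '$elevatedScript';`""
    exit
}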
# Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
# Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Bypass -Force
# Start with an empty console, then show the splash banner.
Clear-Host
$bannerLines = @(
    "###########################################################",
    "# #",
    "# Met dit script wordt een Domain Controller gemaakt! #",
    "# #",
    "###########################################################"
)
foreach ($bannerLine in $bannerLines) {
    Write-Output $bannerLine
}
# Two spacer lines (a single space each) under the banner.
foreach ($spacer in 1..2) {
    Write-Host ' '
}
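# Define variables
$username = 'administrator'
# Write-Host 'De huidige computernaam is: ' Get-Content env:computername
$HostName = Read-Host -Prompt 'Geef de nieuwe computernaam op: [DC01]'
# The prompt advertises DC01 as the default, but pressing ENTER left the name
# empty and the later Rename-Computer call had nothing to rename to.
if ([string]::IsNullOrWhiteSpace($HostName)) {
    $HostName = 'DC01'
}
$HostName = $HostName.Trim()
Write-Host -ForegroundColor Black '.'
Write-Host -ForeGroundColor Yellow 'Controleer dat CAPS LOCK UIT staat!'
Write-Host -ForegroundColor Black '.'
# Ask for the password twice so a typo is caught before it is used.
#$password = Read-Host -Prompt 'Geef het Administrator wachtwoord op: [Pa$$w0rd]' -AsSecureString
$pwd1 = Read-Host -Prompt 'Geef het Administrator wachtwoord op: [Pa$$w0rd]' -AsSecureString
$pwd2 = Read-Host "Geef het wachtwoord nog een keer op " -AsSecureString
# SecureStringToBSTR copies the secret into unmanaged memory that the caller
# owns. Release it with ZeroFreeBSTR (which also overwrites it) even when the
# conversion throws, so the cleartext copy does not linger in the process.
$bstr1 = [IntPtr]::Zero
$bstr2 = [IntPtr]::Zero
try {
    $bstr1 = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd1)
    $bstr2 = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd2)
    # PtrToStringBSTR reads the length-prefixed BSTR that was just allocated.
    $pwd1_text = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr1)
    $pwd2_text = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr2)
}
finally {
    if ($bstr1 -ne [IntPtr]::Zero) { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr1) }
    if ($bstr2 -ne [IntPtr]::Zero) { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr2) }
}
# NOTE(review): $pwd1_text and $pwd2_text are ordinary managed strings; they
# hold the password in cleartext for the rest of the session and cannot be
# wiped. Keep them out of transcripts, logs and error output.
# -ceq compares case-sensitively.
if ($pwd1_text -ceq $pwd2_text) {
    Write-Host "De wachtwoorden zijn hetzelfde"
} else {
    Write-Host "De wachtwoorden komen niet overeen! Start het script opnieuw!"
    Exit
}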
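# Set $IPLAN: offer the lab default and accept an override from the operator.
$IPLAN = '172.16.20.200'
$prompt = Read-Host "Druk op <ENTER> om dit IP-adres te accepteren of geef een ander IP-adres op [$($IPLAN)]"
if ($prompt -ne "") {
    $IPLAN = $prompt.Trim()
}
# Validate the address before any adapter setting is changed. TryParse alone
# also accepts shorthand such as "1" or IPv6 text, so require an IPv4 result
# whose canonical form equals what was typed.
$parsedAddress = $null
$isIPv4 = [System.Net.IPAddress]::TryParse($IPLAN, [ref]$parsedAddress) -and
    ($parsedAddress.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork) -and
    ($parsedAddress.ToString() -eq $IPLAN)
if (-not $isIPv4) {
    Write-Host -ForeGroundColor Magenta "'$IPLAN' is geen geldig IPv4-adres. Start het script opnieuw!"
    Exit
}
Write-Host -ForeGroundColor Yellow 'De computernaam wordt '$HostName' '
Write-Host -ForeGroundColor Yellow 'Het IP-adres wordt '$IPLAN' '
#Write-Host -ForeGroundColor Yellow 'De Default Gateway wordt '$GWLAN' '
$confirm = Read-Host "Klopt dit? y/n"
if ($confirm -eq 'y') {
    # Action: configure the network.
    # Parameter dashes and quotes below are plain ASCII; the typographic dash
    # and curly quotes used before depend on the file being read with the
    # right encoding.
    Write-Host -ForeGroundColor Green 'Netwerkconfiguratie instellen'
    # The adapter name "Ethernet0" is hard-coded; if the VM names its adapter
    # differently the rename fails and the "LAN" alias used below will not exist.
    $Null = Rename-NetAdapter -Name "Ethernet0" -NewName "LAN"
    $Null = Set-NetIPInterface -InterfaceAlias "LAN" -DHCP Disabled
    # Prefix length and gateway are fixed to the 172.16.20.0/24 lab network, so
    # an address typed from another subnet ends up with an unreachable gateway.
    $Null = New-NetIPAddress -InterfaceAlias "LAN" -IPAddress $IPLAN -PrefixLength 24 -DefaultGateway 172.16.20.1
    # DNS points at the server itself: loopback first, then its own LAN address.
    $Null = Set-DNSClientServerAddress -InterfaceAlias "LAN" -ServerAddresses ("127.0.0.1", "$IPLAN")
    # Unbind IPv6 from the adapter.
    $Null = Disable-NetAdapterBinding -InterfaceAlias "LAN" -ComponentID ms_tcpip6
} else {
    Write-Host -ForeGroundColor Magenta "Het script is afgebroken! Start het script opnieuw!"
    Exit
}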
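# Time zone
Write-Host -ForeGroundColor Green 'Tijdzone instellen op W. Europe Standard Time.'
$Null = Set-TimeZone -Name "W. Europe Standard Time"
# Stop Server Manager from opening automatically at logon
Write-Host -ForeGroundColor Green 'Het automatisch opstarten van Server Manager uitschakelen...'
$Null = Get-ScheduledTask -TaskName ServerManager | Disable-ScheduledTask -Verbose
# Switch off Windows Update
# NOTE(review): this leaves a Domain Controller without automatic patching.
# That is only reasonable for an isolated lab VM; on any machine that stays in
# use, set the service back to its default start type after the build.
Write-Host -ForeGroundColor Green 'Windows Updates uitschakelen...'
# Address the service by its name in both calls; the display name used before
# is a localized string and need not match on every Windows language edition.
$Null = Stop-Service -Name "wuauserv"
$Null = Set-Service -Name "wuauserv" -StartupType Disabled
# Pause for ten seconds before the script continues.
Start-Sleep 10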
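<#
Function that arranges for the follow-up script to be started after the reboot.

It writes one REG_EXPAND_SZ value under
HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce. Parameters:
  KeyName - name of the value to create (default 'Run').
  Command - command line stored in the value; by default it starts
            powershell.exe with -executionpolicy bypass on
            c:\Scripts\2_InstallAD.ps1.
Output: the property object returned by New-ItemProperty.

NOTE(review): the stored command runs a script file from c:\Scripts with the
execution policy bypassed, in the session of whoever logs on next (this script
sets up automatic logon for the administrator account). Folders created
directly under C:\ usually inherit write access for non-admin users - confirm
the ACL on c:\Scripts and restrict it to Administrators, otherwise the file
can be swapped before it runs.
#>
function Set-RunOnce
{
    [CmdletBinding()]
    param
    (
        # The name of the registry value in the RunOnce key.
        [string]
        $KeyName = 'Run',
        # Command to run
        [string]
        $Command = '%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -file c:\Scripts\2_InstallAD.ps1'
    )
    $runOncePath = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    # One call covers both cases: -Force overwrites a value that already
    # exists. The previous update branch passed -PropertyType to
    # Set-ItemProperty, whose registry parameter is -Type, and the existence
    # test read a member of the key object rather than the stored value.
    New-ItemProperty -Path $runOncePath -Name $KeyName -Value $Command -PropertyType ExpandString -Force
}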
# Call Set-RunOnce with its defaults to register the follow-up script;
# whatever the function emits is discarded.
Set-RunOnce | Out-Null
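# Automatic logon after the reboot
#
# Sets the Winlogon AutoAdminLogon, DefaultUsername and DefaultPassword values
# so the server signs in by itself after the restart.
# $username is the account that is signed in; use DOMAINNAME\SAMACCOUNTNAME
# format when it is a domain account.
# Must run elevated (admin access on the computer this runs on).
#
# NOTE(review): DefaultPassword is a plain string value. The administrator
# password sits in cleartext in the registry until something removes it, and
# anyone who can read this key can read it. The follow-up script should, as its
# last step, delete DefaultPassword and set AutoAdminLogon back to '0'; change
# the password afterwards if the machine leaves the lab. Tools that keep the
# autologon password as an LSA secret (for example Sysinternals Autologon)
# avoid the cleartext value.
$RegistryLocation = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
Set-ItemProperty $RegistryLocation -Name 'AutoAdminLogon' -Value '1'
Set-ItemProperty $RegistryLocation -Name 'DefaultUsername' -Value $username
# $password is never assigned in this script (its Read-Host line is commented
# out), so the value written here used to be empty and the automatic logon
# could not succeed. The confirmed password text lives in $pwd1_text.
Set-ItemProperty $RegistryLocation -Name 'DefaultPassword' -Value $pwd1_text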
# Change the hostname and restart
Write-Host -ForeGroundColor Green 'Hostname aanpassen naar '$Hostname'...'
# -Restart reboots the machine as part of the rename; the object produced by
# -PassThru is discarded. -LocalCredential is given only an account name here.
Rename-Computer -NewName $HostName -PassThru -LocalCredential Administrator -Restart | Out-Null