DSCResources/MSFT_ADDomain/en-US/about_ADDomain.help.txt
.NAME
ADDomain .DESCRIPTION The ADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see [TechNet](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels). ## Requirements * Target machine must be running Windows Server 2008 R2 or later. .PARAMETER DomainName Key - String The fully qualified domain name (FQDN) of a new domain. If setting up a child domain this must be set to a single-label DNS name. .PARAMETER Credential Required - String Specifies the user name and password that corresponds to the account used to install the domain controller. When adding a child domain these credentials need the correct permission in the parent domain. The credentials will also be used to query for the existence of the domain or child domain. This will not be created as a user in the new domain. The domain administrator password will be the same as the password of the local Administrator of this node. .PARAMETER SafeModeAdministratorPassword Required - String Password for the administrator account when the computer is started in Safe Mode. .PARAMETER ParentDomainName Write - String Fully qualified domain name (FQDN) of the parent domain. .PARAMETER DomainNetBiosName Write - String NetBIOS name for the new domain. .PARAMETER DnsDelegationCredential Write - String Credential used for creating DNS delegation. .PARAMETER DatabasePath Write - String Path to a directory that contains the domain database. .PARAMETER LogPath Write - String Path to a directory for the log file that will be written. .PARAMETER SysvolPath Write - String Path to a directory where the Sysvol file will be written. .PARAMETER ForestMode Write - String Allowed values: Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold The Forest Functional Level for the entire forest. .PARAMETER DomainMode Write - String Allowed values: Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold The Domain Functional Level for the entire domain. .PARAMETER DomainExist Read - Boolean Returns $true if the domain is available, or $false if the domain could not be found. .PARAMETER DnsRoot Read - String Returns the fully qualified domain name (FQDN) DNS root of the domain. .PARAMETER Forest Read - String Returns the fully qualified domain name (FQDN) of the forest. .EXAMPLE 1 This configuration will create a new domain with a new forest and a forest functional level of Server 2016. Configuration ADDomain_NewForest_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] $Credential, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] $SafeModePassword ) Import-DscResource -ModuleName PSDscResources Import-DscResource -ModuleName ActiveDirectoryDsc node 'localhost' { WindowsFeature 'ADDS' { Name = 'AD-Domain-Services' Ensure = 'Present' } WindowsFeature 'RSAT' { Name = 'RSAT-AD-PowerShell' Ensure = 'Present' } ADDomain 'contoso.com' { DomainName = 'contoso.com' Credential = $Credential SafemodeAdministratorPassword = $SafeModePassword ForestMode = 'WinThreshold' } } } .EXAMPLE 2 This configuration will create a new child domain in an existing forest with a Domain Functional Level of Windows Server 2012R2. Configuration ADDomain_NewChildDomain_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] $Credential, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] $SafeModePassword ) Import-DscResource -ModuleName PSDscResources Import-DscResource -ModuleName ActiveDirectoryDsc node 'localhost' { WindowsFeature 'ADDS' { Name = 'AD-Domain-Services' Ensure = 'Present' } WindowsFeature 'RSAT' { Name = 'RSAT-AD-PowerShell' Ensure = 'Present' } ADDomain 'child' { DomainName = 'child' Credential = $Credential SafemodeAdministratorPassword = $SafeModePassword DomainMode = 'Win2012R2' ParentDomainName = 'contoso.com' } } } |