(Remote Installation Services)
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
[DCInstall]
The [DCInstall] section contains entries for installing a domain controller after the initial setup of the Microsoft Windows operating system finishes. The entries in this section apply only to Windows Server 2003, Standard Edition and Windows Server 2003, Enterprise Edition.
You can create an answer file that contains only this section, and run it after Setup completes and a user logs on to the system. The command for this is dcpromo /answer:answer_file.
Answer File Entries for the [DCInstall] Section
| Entry | Description |
|---|---|
AdministratorPassword |
Sets the local administrator password for the computer during the demotion of a domain controller to a member server. |
AllowAnonymousAccess |
Specifies whether any pre-Windows 2000 server authenticates users from this domain or any trusted domain. |
AutoConfigDNS |
Specifies whether the Active Directory Installation Wizard configures DNS for the new domain if it detects that the DNS dynamic update protocol is not available. |
ChildName |
Specifies whether to append the DNS label at the beginning of the name of an existing directory service domain when installing a child domain. |
ConfirmGc |
Specifies whether the replica is also a global catalog. |
CreateOrJoin |
Specifies whether the new tree domain is part of an existing forest of domains. |
CriticalReplicationOnly |
Specifies whether the promotion operation performs only critical replication and then continues, skipping the noncritical (and potentially lengthy) portion of replication. |
DatabasePath |
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer that contains the domain database. |
DisableCancelForDnsInstall |
Specifies whether to disable the Cancel button during a DNS installation. |
DNSOnNetwork |
Specifies whether to set DNS server addresses automatically. |
DomainNetBiosName |
Assigns a network BIOS (NetBIOS) name to the new domain. |
IsLastDCInDomain |
Specifies whether the computer on which the Active Directory Installation Wizard is running is the last domain controller in the domain. |
LogPath |
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer that contains the domain log files. |
NewDomain |
Indicates the type of a new domain: whether a new domain in a new forest, the root of a new tree in an existing forest, or a child of an existing domain. |
NewDomainDNSName |
Specifies the required name of a new tree in an existing domain or when Setup installs a new forest of domains. |
ParentDomainDNSName |
Specifies the DNS domain name of an existing directory service domain when installing a child domain. |
Password |
Specifies the password for the user name (account credentials) to use for promoting the member server to a domain controller. |
RebootOnSuccess |
Specifies whether to restart the computer upon successful completion. |
RemoveApplicationPartitions |
Specifies whether to remove application partitions during the demotion of a domain controller. |
ReplicaDomainDNSName |
Specifies the DNS domain name of the domain to replicate. |
ReplicaOrMember |
Specifies whether to convert an upgraded Windows NT 3.51 or Windows NT 4.0-based backup domain controller (BDC) to a domain controller or demote it to a regular member server in the domain. |
ReplicaOrNewDomain |
Specifies whether to install a new domain controller as the first domain controller in a new directory service domain or to install it as a replica directory service domain controller. |
ReplicationSourceDC |
Indicates the full DNS name of the domain controller from which you replicate the domain information. |
ReplicationSourcePath |
Indicates the location of the files used to create a new domain controller. |
SafeModeAdminPassword |
Supplies the password for the administrator account when starting the computer in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode. |
SetForestVersion |
Indicates the functional level for a new forest. |
SiteName |
Specifies the name of an existing site where you can place the new domain controller. |
Syskey |
Indicates that the user must supply the system key. |
SysVolPath |
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer. |
TreeOrChild |
Specifies that the new domain is the root of a new tree or a child of an existing domain. |
UserDomain |
Specifies the domain name for the user name (account credentials) used for promoting the member server to a domain controller. |
UserName |
Specifies the user name (account credentials) used for promoting the member server to a domain controller. |
AdministratorPassword
Sets the local administrator password for the computer during the demotion of a domain controller to a member server.
Syntax
AdministratorPassword = admin_password
| Value | Description |
|---|---|
Admin_password |
The local administrator password. |
Example
[DCInstall]
AdministratorPassword = YHR&#@FHD
Comments
The default is no password (blank).
This entry is valid only during a demotion. If you do not specify a value, Setup uses a blank administrator password.
Setup deletes the value from the answer file after the demotion operation finishes.
Note
- If you create a password that starts with an asterisk (*), Windows sets the password to Null. A null password could be a security risk and is not recommended.
AllowAnonymousAccess
Specifies whether any pre-Windows 2000 server authenticates users from this domain or any trusted domain.
Syntax
AllowAnonymousAccess = Yes | No
| Value | Description |
|---|---|
Yes |
Enables anonymous access to user and group information. Used with pre-Windows 2000 servers. |
No |
Makes the default permissions more restrictive. Used with Windows 2000 servers. |
Example
[DCInstall]
AllowAnonymousAccess = Yes
Comments
The default value is Yes.
AutoConfigDNS
Specifies whether the Active Directory Installation Wizard configures DNS for the new domain if it detects that the DNS dynamic update protocol is not available.
Syntax
AutoConfigDNS = Yes | No
| Value | Description |
|---|---|
Yes |
Configures DNS for the new domain if the DNS dynamic update protocol is not available. |
No |
Does not configure DNS for the domain. |
Example
[DCInstall]
AutoConfigDNS = Yes
Comments
The default value is Yes.
ChildName
Specifies whether to append the DNS label at the beginning of the name of an existing Active Directory domain when installing a child domain.
Syntax
ChildName = child_domain_name
Example
[DCInstall]
ChildName = childdom.parentdom.fabrikam.com
Comments
For example, if the parent name is “parentdom.fabrikam.com” and the ChildName is “childdom,” then the name of the new domain is “childdom.parentdom.fabrikam.com.”
This new domain name must not already be in use and you must properly configure DNS services on the computer. This entry is required.
For more information, see the TreeOrChild entry later in the section “[DCInstall].”
ConfirmGc
Specifies whether the replica is also a global catalog.
Syntax
ConfirmGc = Yes | No
| Value | Description |
|---|---|
Yes |
Makes the replica a global catalog if the backup was a global catalog. |
No |
Does not make the replica a global catalog. |
Example
[DCInstall]
ConfirmGc = Yes
Comments
The default value is Yes.
This entry applies only if you specify ReplicationSourcePath. If you create the restored files from a backup of a global catalog, then the replica can also be a global catalog of those files.
CreateOrJoin
Specifies whether the new tree domain is part of an existing forest of domains.
Syntax
CreateOrJoin = Create | Join
| Value | Description |
|---|---|
Create |
Creates a new forest of domains. |
Join |
Places the new domain at the root of a new domain tree in an existing forest of domains. |
Example
[DCInstall]
CreateOrJoin = Create
Comments
The default value is Join.
Setup supports the CreateOrJoin entry for backward compatibility with Windows 2000 unattended installation. For unattended installation of Windows Server 2003, use the NewDomain entry instead.
CriticalReplicationOnly
Specifies whether the promotion operation performs only critical replication and then continues, skipping the noncritical (and potentially lengthy) portion of replication.
Syntax
CriticalReplicationOnly = Yes | No
| Value | Description |
|---|---|
Yes |
Skips noncritical replication. |
No |
Does not skip noncritical replication. |
Example
[DCInstall]
CriticalReplicationOnly = Yes
Comments
There is no default value.
If Setup skips noncritical replication, replication automatically and silently resumes when you restart the computer. The computer assumes its new role as a domain controller.
DatabasePath
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer that contains the domain database.
Syntax
DatabasePath = path_to_database_files
Example
[DCInstall]
DatabasePath = %systemroot%\Data
Comments
The default is systemroot\NTDS.
Enclose path_to_database_files in quotation marks if it is a long file name.
If the directory exists, it must be empty. If the directory does not exist, Setup creates it.
The disk must have enough free disk space available (new domains require at least 20 MB) and must have room to grow if you plan to add numerous objects to the domain. For replica domains, you must specify the space required in the domain size.
For optimal performance, place the domain database on a different volume than the domain log files.
DisableCancelForDnsInstall
Specifies whether to disable the Cancel button during a DNS installation.
Syntax
DisableCancelForDnsInstall = Yes | No
| Value | Description |
|---|---|
Yes |
Does not display the Cancel button. During the DNS installation, the /c switch invokes the Optional Component Manager (OCM). |
No |
Displays the Cancel button. |
Example
[DCInstall]
DisableCancelForDnsInstall = Yes
Comments
The default value is No.
This entry applies only if the answer file indicates that the wizard installs DNS on the computer if it has not already installed it.
DNSOnNetwork
Specifies whether to set DNS server addresses automatically.
Syntax
DNSOnNetwork = Yes | No
| Value | Description |
|---|---|
Yes |
Sets the DNS server addresses manually for the computer. |
No |
Installs the DNS service, creates a valid DNS configuration, and creates a zone for the new domain with that service. |
Example
[DCInstall]
DNSOnNetwork = No
Comments
The default value is Yes.
This entry is used when installing the first domain in a new forest and the TCP/IP configuration has missing or incorrect DNS server addresses. Before the computer can become a domain controller, its TCP/IP stack must have a valid DNS configuration.
Note
- If
DNSOnNetwork = Yes, the Active Directory Installation Wizard does not test the client configuration. As a result, the user will have to manually set the server addresses later and might have to configure DNS manually for the new domain.
DomainNetBiosName
Assigns a network BIOS (NetBIOS) name to the new domain.
Syntax
DomainNetBiosName = domain_NetBIOS_name
Example
[DCInstall]
DomainNetBiosName = MY_DOMAIN
Comments
This entry is required, and the name specified must not already be in use as a domain or computer name. Setup ignores this entry when upgrading pre-Windows 2000 primary domain controllers.
IsLastDCInDomain
Specifies whether the computer on which the Active Directory Installation Wizard runs is the last domain controller in the domain.
Syntax
IsLastDCInDomain = Yes | No
| Value | Description |
|---|---|
Yes |
Indicates that this computer is the last domain controller in the domain. |
No |
Indicates that this computer is not the last domain controller in the domain. |
Example
[DCInstall]
IsLastDCInDomain = Yes
Comments
The default value is No.
This entry is valid only when demoting an existing domain controller to a member server.
LogPath
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer that contains the domain log files.
Syntax
LogPath = path_to_log_files
Example
[DCInstall]
LogPath = %systemroot%\Logs
Comments
Enclose path_to_log_files in quotation marks if it is a long file name.
If the directory exists, it must be empty. If the directory does not exist, Setup creates it.
The disk must have enough free disk space available (new domains require at least 10 MB) and must have room to expand if you plan to add numerous objects to the domain. For replica domains, you must specify the space required in the domain size.
For optimal performance, place the log files on a different volume than the database files.
NewDomain
Indicates the type of a new domain: whether a new domain in a new forest, the root of a new tree in an existing forest, or a child of an existing domain.
Syntax
NewDomain = Tree | Child | Forest
| Value | Description |
|---|---|
Tree |
The new domain is the root of a new tree in an existing forest. |
Child |
The new domain is a child of an existing domain. |
Forest |
The new domain is the first domain in a new forest of domain trees. |
Example
[DCInstall]
NewDomain = Tree
Comments
The default value is Forest.
NewDomainDNSName
Specifies the required name of a new tree in an existing domain or when Setup installs a new forest of domains.
Syntax
NewDomainDNSName = DNS_name_of_domain
Example
[DCInstall]
NewDomainDNSName = newdom.fabrikam.com.
Comments
For example, this DNS name could be “newdom.fabrikam.com.”
ParentDomainDNSName
Specifies the DNS domain name of an existing directory service domain when installing a child domain.
Syntax
ParentDomainDNSName = DNS_name_of_domain
Example
[DCInstall]
ParentDomainDNSName = newdom.fabrikam.com
Comments
When specifying this entry, make sure that the current user has administrative credentials to the specified domain, and that you properly configure the DNS services. The domain name must refer to an existing directory service domain.
For more information, see TreeOrChild entry later in the section “[DCInstall].”
Password
Specifies the password for the user name (account credentials) to use for promoting the member server to a domain controller.
Syntax
Password = password
Example
[DCInstall]
Password = YH3$GJ
Comments
The answer file deletes the value after the promotion operation finishes.
Note
- If you create a password that starts with an asterisk (*), Windows sets the password to Null. A null password could be a security risk and is not recommended.
RebootOnSuccess
Specifies whether to restart the computer upon successful completion.
Syntax
RebootOnSuccess = Yes | No | NoAndNoPromptEither
| Value | Description |
|---|---|
No |
Does not restart, but prompts the user to restart. |
Yes |
Restarts upon successful completion. |
NoAndNoPromptEither |
Does not restart and does not prompt the user to restart. |
Example
[DCInstall]
RebootOnSuccess = No
Comments
You must restart the server to start the directory services.
RemoveApplicationPartitions
Specifies whether to remove application partitions during the demotion of a domain controller.
Syntax
RemoveApplicationPartitions = Yes | No
| Value | Description |
|---|---|
Yes |
Removes application partitions on the domain controller. |
No |
Does not remove application partitions on the domain controller. If the domain controller hosts the last replica of any application directory partition, you must manually confirm that you must remove these partitions. |
Example
[DCInstall]
RemoveApplicationPartitions = Yes
Comments
The default value is No.
Note
- If you remove the last replica of any application directory partition, Setup destroys the partition and all data it contains.
ReplicaDomainDNSName
Specifies the DNS domain name of the domain to replicate.
Syntax
ReplicaDomainDNSName = DNS_name_of_domain
Example
[DCInstall]
ReplicaDomainDNSName = fabrikam.com
Comments
This entry is valid only for backup domain controller (BDC) upgrades and domain controller installations. In such situations, you must specify a value or the installation fails.
Normally, the user who is currently logged on has administrative credentials to the specified domain, and Setup properly configures DNS services. The domain name must refer to an existing directory service domain.
ReplicaOrMember
Specifies whether to convert an upgraded Windows NT 3.51 or Windows NT 4.0-based backup domain controller (BDC) to a domain controller or demote it to a regular member server in the domain.
Syntax
ReplicaOrMember = Replica | Member
| Value | Description |
|---|---|
Replica |
Installs the server as a domain controller. |
Member |
Installs the new domain controller as a member server in a domain. |
Example
[DCInstall]
ReplicaOrMember = Replica
Comments
The default value is Member.
This entry is valid only when upgrading a BDC.
ReplicaOrNewDomain
Specifies whether to install a new domain controller as the first domain controller in a new directory service domain or to install it as a replica directory service domain controller.
Syntax
ReplicaOrNewDomain = Replica | Domain
| Value | Description |
|---|---|
Replica |
Installs the new domain controller as a replica directory service domain controller. |
Domain |
Installs the new domain controller as the first domain controller in a new directory service domain. You must specify the TreeOrChild entry with a valid value. |
Example
[DCInstall]
ReplicaOrNewDomain = Domain
Comments
The default value is Replica.
ReplicationSourceDC
Indicates the full DNS name of the domain controller from which you replicate the domain information.
Syntax
ReplicationSourceDC = DNS_name_of_DC
Example
[DCInstall]
ReplicationSourceDC = fabrikam.com
Comments
There is no default value.
ReplicationSourcePath
Indicates the location of the files used to create a new domain controller.
Syntax
ReplicationSourcePath = replication_source_path
Example
[DCInstall]
ReplicationSourcePath = %systemdrive%\Source
Comments
There is no default value.
The value must be the fully qualified path to a folder on the local computer where you copied the files.
This entry is used to indicate that the bulk of the directory data replication came from backup files that you restored to a volume on the server, rather than from another domain controller.
However, you cannot perform complete replication entirely from copied files. You need to access another domain controller (for more information, see the ReplicationSourceDC entry earlier in the section ““[DCInstall].””)
If this value is present and non-empty, then you can perform data replication by using the restored files. If this value is not present or is empty, then perform replication from another domain controller on the network.
If the value refers to a valid set of restored backup files, Setup ignores any value for the ReplicaDomainDNSName entry. The domain name to which the restored files belong takes precedence.
SafeModeAdminPassword
Supplies the password for the administrator account when starting the computer in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode.
Syntax
SafeModeAdminPassword = password| None
| Value | Description |
|---|---|
password |
Specifies the password for the administrator account that you use when the computer is in Safe Mode. |
None |
Does not supply a password for the administrator account. |
Example
[DCInstall]
SafeModeAdminPassword = XHJ3$G
Comments
The default value is None.
Note
- If you create a password that starts with an asterisk (*), Windows sets the password to Null. A null password could be a security risk and is not recommended.
SetForestVersion
Indicates the functional level for a new forest.
Syntax
SetForestVersion = Yes | No
| Value | Description |
|---|---|
Yes |
Sets forest functional level to Windows Server 2003 interim. |
No |
Sets forest functional level to Windows 2000. |
Example
[DCInstall]
SetForestVersion = Yes
Comments
The default value is No.
Use the entry SetForestVersion = Yes if:
You want more efficient replication of large group memberships. This functional level includes improvements to the group membership replication feature in Active Directory and is useful if you have groups with many members.
You want to support Windows NT 4.0 and Windows Server 2003 domain controllers.
You will not have Windows 2000 domain controllers in your forest.
You must set the value of SetForestVersion to No if you plan to have Windows NT 4.0, Windows 2000 Server, and Windows Server 2003 domain controllers in your forest. This functional level does not support the large group membership replication feature.
Use this entry only when the destination computer is a domain controller upgraded from Windows NT 4.0 to Windows Server 2003, and is the first domain controller in a new forest. For more information about creating and typing new domains, see the NewDomain entry earlier in the section ““[DCInstall].””
Note
- If you set the functional level to Windows Server 2003 interim, you cannot change the functional level to enable Windows 2000 domain controllers later.
SiteName
Specifies the name of an existing site where you can place the new domain controller.
Syntax
SiteName = site_name
Example
[DCInstall]
SiteName = FirstSite
Comments
The default is the name of your first site.
If you do not specify a site, Setup selects a suitable site using the current site and subnet configuration of the forest.
Syskey
Indicates that the user must supply the system key.
Syntax
Syskey = <none> |system_key
Example
[DCInstall]
Syskey = 12345
Comments
The default is to not specify a system key.
This entry applies only if you specify ReplicationSourcePath. Setup uses this value if the restored files that are used to install a replica indicate that the user must supply the system key.
If the restored files indicate that the user must supply the system key on a floppy disk, then the system looks for the key on drive A.
SysVolPath
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer.
Syntax
SysVolPath = path_to_database_file
Example
[DCInstall]
SysVolPath = %systemroot%\Sysvol
Comments
Enclose path_to_database_file in quotation marks if it is a long file name.
If the directory exists, it must be empty. If the directory does not exist, Setup creates it.
You must format the disk with NTFS version 5.0 before or during the unattended installation for this entry to be valid.
TreeOrChild
Specifies that the new domain is the root of a new tree or a child of an existing domain.
Syntax
TreeOrChild = Tree | Child
| Value | Description |
|---|---|
Tree |
Specifies that the new domain is the root of a new tree. You must specify the CreateOrJoin or NewDomain entries with a valid value. |
Child |
Specifies that the new domain is a child of an existing domain. |
Example
[DCInstall]
TreeOrChild = Tree
Comments
The default value is Child.
Setup supports TreeOrChild for backward compatibility with Windows 2000 unattended installation. For unattended installation of Windows Server 2003, use NewDomain instead.
UserDomain
Specifies the domain name for the user name (account credentials) used for promoting the member server to a domain controller.
Syntax
UserDomain = domain_name
Example
[DCInstall]
UserDomain = fabrikam.com
UserName
Specifies the user name (account credentials) used for promoting the member server to a domain controller.
Syntax
UserName = user_name
Example
[DCInstall]
UserName = ChrisGray