Install-ADDSDomain
Install-ADDSDomain
Installs a new Active Directory domain configuration.
Syntaxe
Parameter Set: ADDSDomain
Install-ADDSDomain -NewDomainName <String> -ParentDomainName <String> [-ADPrepCredential <PSCredential> ] [-AllowDomainReinstall] [-CreateDnsDelegation] [-Credential <PSCredential> ] [-DatabasePath <String> ] [-DnsDelegationCredential <PSCredential> ] [-DomainMode <DomainMode> ] [-DomainType <DomainType> ] [-Force] [-InstallDns] [-LogPath <String> ] [-NewDomainNetbiosName <String> ] [-NoDnsOnNetwork] [-NoGlobalCatalog] [-NoRebootOnCompletion] [-ReplicationSourceDC <String> ] [-SafeModeAdministratorPassword <SecureString> ] [-SiteName <String> ] [-SkipAutoConfigureDns] [-SkipPreChecks] [-SysvolPath <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Description détaillée
The Install-ADDSDomain cmdlet installs a new Active Directory domain configuration.
Paramètres
-ADPrepCredential<PSCredential>
Specifies the user name and password that corresponds to the account to be used for running operations (if they are required) to prepare Active Directory prior to the installation of this domain. Specify "(Get-Credential)" to prompt the user to supply a password.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-AllowDomainReinstall
If this parameter is included, it specifies that an existing domain is to be recreated.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-CreateDnsDelegation
Indicates whether to create a DNS delegation that references the new DNS server that you are installing along with the domain controller. Valid for Active Directory-integrated DNS only. The default is computed automatically based on the environment.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-Credential<PSCredential>
Specifies the user name and password that corresponds to the account used to install the domain controller. Specify "(Get-Credential)" to prompt the user to supply a password.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-DatabasePath<String>
Specifies the fully qualified, non-Universal Naming Convention (UNC) path to a directory on a fixed disk of the local computer that contains the domain database, for example, C:\Windows\NTDS. The default is %SYSTEMROOT%\NTDS.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-DnsDelegationCredential<PSCredential>
Specifies the user name and password (account credentials) for the user creating DNS delegation. This parameter is skipped if the value for the -CreateDnsDelegation parameter is either specified or computed to be $false.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-DomainMode<DomainMode>
Specifies the domain functional level of the first domain in the creation of a new forest. Supported values for this parameter can be either a valid integer or a corresponding enumerated string value. For example, to set the domain mode level to Windows Server 2008 R2, you can specify either a value of 4 or Win2008R2.
The following are the supported values:
-- Windows Server 2003: 2 or Win2003
-- Windows Server 2008: 3 or Win2008
-- Windows Server 2008 R2: 4 or Win2008R2
-- Windows Server 2012: 5 or Win2012
-- Windows Server 2012 R2: 6 or Win2012R2
The domain functional level cannot be lower than the forest functional level, but it can be higher. The default is automatically computed and set.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
Windows2008R2 |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-DomainType<DomainType>
Indicates the type of domain that you want to create: a new domain tree in an existing forest (supported values are "TreeDomain" or "tree"), a child of an existing domain (supported values are "ChildDomain" or "child"). The default is ChildDomain.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
ChildDomain |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-Force
When this parameter is specified any warnings that might normally appear during the installation of the domain will be suppressed to allow the cmdlet to complete its operation. This parameter can be useful to include when scripting installation.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
none |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-InstallDns
Indicates whether the DNS Server service should be installed and configured for the domain or domain tree. For domain installation, if this parameter is left unspecified and the parent domain (or in the case of a domain tree, the forest root domain) already hosts and stores the DNS names for the domain, then the default for this parameter is $true and the DNS server will be installed. Otherwise, if DNS domain names are hosted outside of Active Directory, the default is $false and no DNS server will be installed.
To test if DNS domain names are hosted outside of Active Directory, this cmdlet uses a start of authority (SOA) type DNS query to ask the question "Does a zone exist for the domain name?" For example, if the value of -NewDomainName is "corp.contoso.com", Active Directory performs an SOA query for "corp.contoso.com" and ensures that the zone name in the response is " corp.contoso.com".
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-LogPath<String>
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer that contains the domain log files, for example, C:\Windows\Logs. The default is %SYSTEMROOT%\NTDS.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-NewDomainName<String>
If the value set for -DomainType is set to "TreeDomain", this parameter can be used to specify the fully qualified domain name (FQDN) for the new domain tree (for example, "contoso.com"). If the value set for -DomainType is set to "ChildDomain", this parameter can be used to specify a single label domain name for the child domain (for example, specify "corp" to make a new doman "corp.contoso.com" if the new domain is in the contoso.com domain tree).
Alias |
none |
Obligatoire ? |
true |
Position ? |
named |
Valeur par défaut |
<mandatory> |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-NewDomainNetbiosName<String>
Specifies the NetBIOS name for the new domain. For NetBIOS names to be valid for use with this parameter they must be single label names of 15 characters or less.
If this parameter is set with a valid NetBIOS name value, then promotion continues with the name specified. If this parameter is not set, then the default is automatically computed from the value of the -NewDomainName parameter.
For example, if this parameter is not specified and a single-label prefix domain name of 15 characters or less is specified within the value of the -NewDomainName parameter, then promotion continues with an automatically generated NetBIOS domain name. For example, the prefix label "corp" within a full domain name value of "corp.contoso.com" would be a successful name choice.
Note that if the name value given for this parameter (or if it is omitted, the value of the single-label prefix domain name within the -NewDomainName parameter) is a name of 16 characters or more, then the domain installation fails. For example, if a value of "CORPORATEHEADQTRS" were specified for this parameter (or if this parameter is omitted and the value of -NewDomainName were set to be "corporateheadqtrs.contoso.com") then the domain installation will fail.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-NoDnsOnNetwork
Indicates that DNS service is not available on the network. This parameter is used only when the IP setting of the network adapter for this computer is not configured with the name of a DNS server for name resolution. It indicates that a DNS server will be installed on this computer for name resolution. Otherwise, the IP settings of the network adapter must first be configured with the address of a DNS server.
Omitting this parameter (the default) indicates that the TCP/IP client settings of the network adapter on this server computer will be used to contact a DNS server. Therefore, if you are not specifying this parameter, ensure that TCP/IP client settings are first configured with a preferred DNS server address.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
none |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-NoGlobalCatalog
Specifies that the read-only domain controller (RODC) will not be a global catalog server. By default, the domain controller that you are installing is a global catalog server.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
none |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-NoRebootOnCompletion
Specifies whether to restart the computer upon completion, regardless of success. (By default, reboot upon completion occurs when this cmdlet is used and this parameter is omitted.) As a general rule, Microsoft support recommends that you not use this parameter except for testing or troubleshooting purposes because once configuration has completed the server will not function correctly as either a member server or a DC until it is rebooted.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
none |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-ParentDomainName<String>
Specifies the fully qualified domain name (FQDN) of an existing parent domain.
Alias |
none |
Obligatoire ? |
true |
Position ? |
named |
Valeur par défaut |
<mandatory> |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-ReplicationSourceDC<String>
Specifies the fully qualified domain name (FQDN) of the domain controller to be used as the source for replicating to this domain. The default value for this parameter is automatically computed from the environment.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-SafeModeAdministratorPassword<SecureString>
Supplies the password for the administrator account when the computer is started in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode. You must supply a password that meets the password complexity rules of the domain and the password cannot be blank. If specified with a value, the value must be a secure string.
If this parameter is not specified, the cmdlet prompts you to enter and confirm a masked password. This is the preferred usage when running the cmdlet interactively. If additionally there are no other arguments specified with the cmdlet, you will be prompted to enter a masked password for this parameter but no confirmation of the password entered will be made (which is not recommended as it could allow a mistyped password to be configured). Another available advanced option is to use the ConvertTo-SecureString cmdlet and specify the password string inline as unmasked console input, which is also not a recommended security best practice in production deployments.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
<mandatory> |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-SiteName<String>
Specifies the name of an existing site where you can place the new domain controller. The default value is the site that is associated with the subnet that includes the IP address of this server. If no such site exists, the default is the site of the replication source domain controller.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-SkipAutoConfigureDns
Skips automatic configuration of DNS client settings, forwarders, and root hints. This parameter is in effect only if the DNS Server service is already installed.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-SkipPreChecks
Indicates that only a base set of validations will be performed. This behavior is equivalent to the validations that were performed when using Dcpromo.exe in earlier versions of Windows Server to add a new domain. When this switch parameter is set, it specifies that additional preliminary checks should be bypassed. For more information on the scope of these additional preliminary checks that the ADDSDeployment module performs by default when using Windows Server 2012, refer to the table in the section “Prerequisite Checking” in the Understand and Troubleshoot AD DS Simplified Administration in Windows Server 2012 guide (https://go.microsoft.com/fwlink/?LinkID=237244).
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
none |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-SysvolPath<String>
Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer, for example, C:\Windows\SYSVOL. The default is %SYSTEMROOT%\SYSVOL.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
NULL |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-Confirm
Votre confirmation sera requise avant l’exécution de l’applet de commande.
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
false |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
-WhatIf
Présente les conséquences éventuelles de l’exécution de l’applet de commande. L’applet de commande n’est pas exécutée.
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
false |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
<CommonParameters>
Cette applet de commande prend en charge les paramètres courants : -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer et -OutVariable. Pour plus d’informations, consultez about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Entrées
Le type d’entrée correspond au type des objets que vous pouvez transmettre à l’applet de commande.
Sorties
Le type de sortie est le type des objets émis par l’applet de commande.
Remarques
- When a new domain tree is created in an existing forest, a two-way, transitive tree root trust is established by default.
Exemples
-------------------------- EXAMPLE 1 --------------------------
Description
-----------
Installs a new child domain named child.corp.contoso.com using credentials of CORP\EnterpriseAdmin1. This example also installs a DNS server, creates a DNS delegation in the corp.contoso.com domain, sets the domain functional level to Windows Server 2003, makes the domain controller a global catalog server in a site named Houston, uses DC1.corp.contoso.com as the replication source domain controller, installs the Active Directory database and SYSVOL on the D:\ drive, installs the log files on the E:\ drive, has the server not automatically restart after the domain installation is complete and causes the user to be prompted to provide and confirm the Directory Services Restore Mode (DSRM) password to complete and commit the installation of the domain in Active Directory.
PS C:\> Install-ADDSDomain -Credential (Get-Credential CORP\EnterpriseAdmin1) -NewDomainName child -ParentDomainName corp.contoso.com -InstallDNS -CreateDNSDelegation -DomainMode Win2003 -ReplicationSourceDC DC1.corp.contoso.com -SiteName Houston -DatabasePath "D:\NTDS" -SYSVOLPath "D:\SYSVOL" -LogPath "E:\Logs" -NoRebootOnCompletion
Rubriques connexes
Install-ADDS-Domain