1
00:00:01,440 --> 00:00:07,140
Why don't we pause our work here and let's make an RDP connection to root 2

2
00:00:07,140 --> 00:00:10,580
and we'll install Active Directory on this guy as well.

3
00:00:10,580 --> 00:00:14,780
So let's open up Visual Studio Code and let's first join this server

4
00:00:14,780 --> 00:00:19,240
to the timw.info domain. To join a server or workstation to an AD

5
00:00:19,240 --> 00:00:21,430
domain with PowerShell, we use add computer.

6
00:00:21,430 --> 00:00:24,160
This is just part of the core PowerShell modules,

7
00:00:24,160 --> 00:00:26,010
it's not part of the AD module.

8
00:00:26,010 --> 00:00:29,730
We've got Add‑Computer, we're going to the timw.info ‑DomainName.

9
00:00:29,730 --> 00:00:34,200
The credential is going to be my domain administrator timw\tim

10
00:00:34,200 --> 00:00:37,200
and I've thrown in ‑Verbose ‑Restart and ‑Force just for

11
00:00:37,200 --> 00:00:39,390
automation purposes. So to run this code,

12
00:00:39,390 --> 00:00:42,890
I will right‑click and Run Selection. I'll carefully type my

13
00:00:42,890 --> 00:00:46,700
domain administrator password, and after the domain join, that

14
00:00:46,700 --> 00:00:49,500
force should force the server to restart,

15
00:00:49,500 --> 00:00:53,500
after which it will be a member of the Tim W domain and we can promote it

16
00:00:53,500 --> 00:00:56,550
to become a second domain controller in our root domain.

17
00:00:56,550 --> 00:00:56,900
Okay,

18
00:00:56,900 --> 00:01:00,520
so we've come back on that server, I've signed in as a domain

19
00:01:00,520 --> 00:01:04,700
administrator, and we're back to VS Code. I wanted to let you know to

20
00:01:04,700 --> 00:01:08,460
make sure that you install the PowerShell VS Code module in order to give

21
00:01:08,460 --> 00:01:12,060
you language support for all PowerShell and VS Code. You can grab it

22
00:01:12,060 --> 00:01:14,000
right here from the Extension gallery,

23
00:01:14,000 --> 00:01:18,120
which I've already done, but let me bring up, maximize the view here.

24
00:01:18,120 --> 00:01:20,230
We'll want to do two things to bring up a domain

25
00:01:20,230 --> 00:01:21,770
controller programmatically here.

26
00:01:21,770 --> 00:01:25,540
We're going to install the server role and I'm going to do this in PowerShell,

27
00:01:25,540 --> 00:01:29,830
Install‑WindowsFeature, the name of the feature is AD‑Domain‑Services and I

28
00:01:29,830 --> 00:01:33,460
want to include the ManagementTools. And then to install an additional domain

29
00:01:33,460 --> 00:01:38,430
controller in your domain, we can invoke Install‑ADDSDomainController and I'm

30
00:01:38,430 --> 00:01:39,970
specifying the domain name,

31
00:01:39,970 --> 00:01:43,510
I do want DNS installed, and I'm going to validate that

32
00:01:43,510 --> 00:01:46,750
operation with a domain administrator account. Now,

33
00:01:46,750 --> 00:01:50,340
I'm going to in the interest of time just talk you through installing

34
00:01:50,340 --> 00:01:54,540
a child domain and we can do that again programmatically or in Server

35
00:01:54,540 --> 00:01:56,220
Manager, a number of different ways.

36
00:01:56,220 --> 00:01:58,830
I had originally hoped to show you Windows Admin

37
00:01:58,830 --> 00:02:01,700
Center on the client‑side, but again, in the interest of time,

38
00:02:01,700 --> 00:02:03,340
I will do that in a later lesson.

39
00:02:03,340 --> 00:02:05,610
But the same procedure starts the same,

40
00:02:05,610 --> 00:02:09,350
we want to install the server role on that Child domain controller, and

41
00:02:09,350 --> 00:02:13,540
then we can using the AD DS deployment PowerShell module, which you get

42
00:02:13,540 --> 00:02:15,850
as part of installing AD domain services.

43
00:02:15,850 --> 00:02:20,240
Do an Install‑ADDSDomain and we absolutely want to create a DNS

44
00:02:20,240 --> 00:02:22,940
delegation because my child domain is going to be called

45
00:02:22,940 --> 00:02:27,400
child.timw.info. Just about everything else is the same as what we

46
00:02:27,400 --> 00:02:31,390
did for the primary, the root domain controller, it's just the domain

47
00:02:31,390 --> 00:02:33,220
type here is going to be ChildDomain.

48
00:02:33,220 --> 00:02:38,060
We provide the NewDomainName, the NetbiosName, ParentDomainName, and

49
00:02:38,060 --> 00:02:42,410
importantly, we specify the site and it defaults to the built‑in

50
00:02:42,410 --> 00:02:44,870
catch all Default‑First‑Site‑Name site.

51
00:02:44,870 --> 00:02:47,770
We're going to customize our site configuration in the next

52
00:02:47,770 --> 00:02:49,980
lesson. But I'm not going to actually demo this,

53
00:02:49,980 --> 00:02:53,950
but I'm going to run this code on my CDC1 so I'll wind up at

54
00:02:53,950 --> 00:02:57,160
the end of this process with a read/write domain controller

55
00:02:57,160 --> 00:02:58,750
in the child domain as well.

56
00:02:58,750 --> 00:03:01,840
And then the next demo, I'll show you how to work with,

57
00:03:01,840 --> 00:03:05,480
install from media and setting up a read‑only domain controller.

58
00:03:05,480 --> 00:03:05,940
Okay.

59
00:03:05,940 --> 00:03:09,190
So it looks like we've got success on that installation,

60
00:03:09,190 --> 00:03:10,880
and then to finish this out again,

61
00:03:10,880 --> 00:03:15,020
what we're doing here is we're going to add an additional domain controller

62
00:03:15,020 --> 00:03:19,420
in our forest root domain so I'll provide my domain administrator

63
00:03:19,420 --> 00:03:22,690
credential, set my safe mode administrator password,

64
00:03:22,690 --> 00:03:25,070
have to remember that from how I set it up,

65
00:03:25,070 --> 00:03:25,800
confirm it.

66
00:03:25,800 --> 00:03:27,980
Do I want to continue with this operation?

67
00:03:27,980 --> 00:03:35,000
The target server will be configured as a domain controller and restarted. Y for yes, and away we go.