Use PowerShell to Create a New Active Directory Forest on Windows 2019 Server Core Installation (no-GUI)

You have a fresh installation of Windows Server 2019 that was installed using the default installation type of server core installation (no-GUI). This server will be the first domain controller in a brand new Active Directory forest. You've completed the following configuration prior to attempting to turn this server into a domain controller:

  • Install all the available Windows Updates
  • Set the time zone
  • Set the computer name
  • Set a static IP address

Log into the server and launch PowerShell by typing powershell.exe. You’ll need to first add the AD-Domain-Services role to the server:

1Install-WindowsFeature -Name AD-Domain-Services

newaddomain1a.jpg

Store the SafeMode admin password in a variable. Per the documentation, this "Supplies the password for the administrator account when the computer is started in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode."

1$Password = Read-Host -Prompt   'Enter SafeMode Admin Password' -AsSecureString

newaddomain2a.jpg

Now to make this server the first domain controller in a new forest:

1Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath C:\Windows\NTDS -DomainMode WinThreshold -DomainName mikefrobbins.com -DomainNetbiosName MIKEFROBBINS -ForestMode WinThreshold -InstallDns:$true -LogPath C:\Windows\NTDS -NoRebootOnCompletion:$true -SafeModeAdministratorPassword $Password -SysvolPath C:\Windows\SYSVOL -Force:$true

newaddomain3a.jpg

You could also use the previous command with splatting to make it a little easier on the eyes instead of a long one-liner.

 1$Params = @{
 2CreateDnsDelegation = $false
 3DatabasePath = 'C:\Windows\NTDS'
 4DomainMode = 'WinThreshold'
 5DomainName = 'mikefrobbins.com'
 6DomainNetbiosName = 'MIKEFROBBINS'
 7ForestMode = 'WinThreshold'
 8InstallDns = $true
 9LogPath = 'C:\Windows\NTDS'
10NoRebootOnCompletion = $true
11SafeModeAdministratorPassword = $Password
12SysvolPath = 'C:\Windows\SYSVOL'
13Force = $true
14}
15
16Install-ADDSForest @Params

There's not a new domain or forest functional level for Windows Server 2019 so a value of "WinThreshold" or 7 puts it in Windows Server 2016 mode. The valid values are:

  • Default
  • Windows Server 2003: "Win2003" or "2"
  • Windows Server 2008: "Win2008" or "3"
  • Windows Server 2008 R2: Win2008R2 or "4"
  • Windows Server 2012: "Win2012" or "5"
  • Windows Server 2012 R2: "Win2012R2" or "6"
  • Windows Server 2016: "WinThreshold" or "7"

Per the documentation. "The domain functional level cannot be lower than the forest functional level, but it can be higher."

µ