jump to navigation

How to use unattended mode to install and remove Active Directory Domain Services on Windows Server 2008-based domain controllers November 24, 2011

Posted by John Ruby in Solutions, Troubleshooting & Knowledge Bases.
add a comment

 

This article describes the syntax that you use to build answer files to perform unattended installations of Active Directory Domain Services on Windows Server 2008-based domain controllers. You can also use the answer files to remove AD DS in unattended mode.

Back to the top

INTRODUCTION

The Active Directory Domain Services Installation Wizard (Dcpromo.exe) performs…

The Active Directory Domain Services Installation Wizard (Dcpromo.exe) performs the following tasks:

  • Installs Active Directory Domain Services (AD DS) on Windows Server 2008-based workgroup servers and member servers
  • Removes AD DS from Windows Server 2008-based domain controllers

You can use this wizard together with an answer file to perform these tasks in unattended mode.

Back to the top

MORE INFORMATION

The answer file is an ASCII text file that provides automated user input for eac…

The answer file is an ASCII text file that provides automated user input for each page of the Active Directory Domain Services Installation Wizard.
To run the Active Directory Domain Services Installation Wizard in unattended mode, use the following command at a command prompt:

dcpromo /unattend:<path of the answer file>

Note The <path of the answer file> placeholder represents the path of the answer file that will be used to install or remove AD DS. You must be logged on as a local administrator for the computer to run this command.

Back to the top

Field values

Fields in the "[DCInstall]" section of the answer file specify the details of the installation or removal operation. The following list provides the common fields that are used for each operation. The default values are used if the option is not specified. The default values for these fields are described in the "Field definitions" section.

  • For new forest installations, the following options apply:

    [DCINSTALL]
    InstallDNS=yes
    NewDomain=forest
    NewDomainDNSName=<The fully qualified Domain Name System (DNS) name>
    DomainNetBiosName=<By default, the first label of the fully qualified DNS name>
    SiteName=<Default-First-Site-Name>
    ReplicaOrNewDomain=domain
    ForestLevel=<The forest functional level number>
    DomainLevel=<The domain functional level number>
    DatabasePath="<The path of a folder on a local volume>"
    LogPath="<The path of a folder on a local volume>"
    RebootOnCompletion=yes
    SYSVOLPath="<The path of a folder on a local volume>"
    SafeModeAdminPassword=<The password for an offline administrator account>

  • For child domain installations, the following options apply:

    [DCINSTALL]
    ParentDomainDNSName=<Fully qualified DNS name of parent domain>
    UserName=<The administrative account in the parent domain>
    UserDomain=<The name of the domain of the user account>
    Password=<The password for the user account> Specify * to prompt the user for credentials during the installation.
    NewDomain=child
    ChildName=<The single-label DNS name of the new domain>
    SiteName=<The name of the AD DS site in which this domain controller will reside> This site must be created in advance in the Dssites.msc snap-in.
    DomainNetBiosName=<The first label of the fully qualified DNS name>
    ReplicaOrNewDomain=domain
    DomainLevel=<The domain functional level number> This value cannot be less than the current value of the forest functional level.
    DatabasePath="<The path of a folder on a local volume>"
    LogPath="<The path of a folder on a local volume>"
    SYSVOLPath="<The path of a folder on a local volume>"
    InstallDNS=yes
    CreateDNSDelegation=yes
    DNSDelegationUserName= <The account that has permissions to create a DNS delegation> The account that is being used to install AD DS may differ from the account in the parent domain that has the permissions that are required to create a DNS delegation. In this case, specify the account that can create the DNS delegation for this parameter. Specify * to prompt the user for credentials during the installation.
    DNSDelegationPassword= <The password for the account that is specified for DNSDelegationUserName> Specify * to prompt the user for a password during the installation.
    SafeModeAdminPassword=<The password for an offline administrator account>
    RebootOnCompletion=yes

  • For a new tree in existing forest installations, the following options apply:

    [DCINSTALL]
    UserName=<An administrative account in the parent domain>
    UserDomain=<The name of the domain of the user account>
    Password=<The password for the adminstrative account> Specify * to prompt the user for credentials during the installation.
    NewDomain=tree
    NewDomainDNSName=<The fully qualified DNS name of the new domain>
    SiteName=<The name of the AD DS site in which this domain controller will reside> This site must be created in advance in the Dssites.msc snap-in.
    DomainNetBiosName=<The first label of the fully qualified DNS name>
    ReplicaOrNewDomain=domain
    DomainLevel=<The domain functional level number>
    DatabasePath="<The path of a folder on a local volume>"
    LogPath="<The path of a folder on a local volume>"
    SYSVOLPath="<The path of a folder on a local volume>"
    InstallDNS=yes
    CreateDNSDelegation=yes
    DNSDelegationUserName= <The account that has permissions to create a DNS delegation> The account that is being used to install AD DS may differ from the account in the parent domain that has the permissions that are required to create a DNS delegation. In this case, specify the account that can create the DNS delegation for this parameter. Specify * to prompt the user for credentials during the installation.
    DNSDelegationPassword=<The password for the account that is specified for DNSDelegationUserName> Specify * to prompt the user for a password during the installation.
    SafeModeAdminPassword=<The password for an offline administrator account>
    RebootOnCompletion=yes

  • For additional domain controller installations, the following options apply:

    [DCINSTALL]
    UserName=<The administrative account in the domain of the new domain controller>
    UserDomain=<The name of the domain of the new domain controller>
    Password=<The password for the UserName account>
    SiteName=<The name of the AD DS site in which this domain controller will reside> This site must be created in advance in the Dssites.msc snap-in.
    ReplicaOrNewDomain=replica
    ReplicaDomainDNSName=<The fully qualified domain name (FQDN) of the domain in which you want to add an additional domain controller>
    DatabasePath="<The path of a folder on a local volume>"
    LogPath="<The path of a folder on a local volume>"
    SYSVOLPath="<The path of a folder on a local volume>"
    InstallDNS=yes
    ConfirmGC=yes
    SafeModeAdminPassword=<The password for an offline administrator account>
    RebootOnCompletion=yes

  • For additional domain controller installations that use the Install From Media (IFM) method, the following options apply:

    [DCINSTALL]
    UserName=<The administrative account in the domain of the new domain controller>
    Password=<The password for the UserName account>
    UserDomain=<The name of the domain of the UserName account>
    DatabasePath="<The path of a folder on a local volume>"
    LogPath="<The path of a folder on a local volume>"
    SYSVOLPath="<The path of a folder on a local volume>"
    SafeModeAdminPassword=<The password of an offline administrator account>
    CriticalReplicationOnly=no
    SiteName=<The name of the AD DS site in which this domain controller will reside>
    This site must be created in advance in the Dssites.msc snap-in.
    ReplicaOrNewDomain=replica
    ReplicaDomainDNSName=<The fully qualified domain name (FQDN) of the domain in which you want to add an additional domain controller>
    ReplicationSourceDC=<An existing domain controller in the domain>
    ReplicationSourcePath=<The local drive and the path of the backup>
    RebootOnCompletion=yes

  • For read-only domain controller (RODC) installations, the following options apply:

    [DCINSTALL]
    UserName=<The administrative account in the domain of the new domain controller>
    UserDomain=<The name of the domain of the user account>
    PasswordReplicationDenied=<The names of the user, group, and computer accounts whose passwords are not to be replicated to this RODC>
    PasswordReplicationAllowed =<The names of the user, group, and computer accounts whose passwords can be replicated to this RODC>
    DelegatedAdmin=<The user or group account name that will install and administer the RODC>
    SiteName=Default-First-Site-Name
    CreateDNSDelegation=no
    CriticalReplicationOnly=yes
    Password=<The password for the UserName account>
    ReplicaOrNewDomain=ReadOnlyReplica
    ReplicaDomainDNSName=<The FQDN of the domain in which you want to add an additional domain controller>
    DatabasePath= "<The path of a folder on a local volume>"
    LogPath="<The path of a folder on a local volume>"
    SYSVOLPath="<The path of a folder on a local volume>"
    InstallDNS=yes
    ConfirmGC=yes
    SafeModeAdminPassword=<The password for an offline administrator account>
    RebootOnCompletion=yes

  • For removal of AD DS, the following options apply:

    [DCINSTALL]
    UserName=<An administrative account in the domain>
    UserDomain=<The domain name of the administrative account>
    Password=<The password for the UserName account>
    AdministratorPassword=<The local administrator password for the server>
    RemoveApplicationPartitions=yes
    RemoveDNSDelegation=yes
    DNSDelegationUserName=<The DNS server administrative account for the DNS zone that contains the DNS delegation>
    DNSDelegationPassword=<The password for the DNSDelegationUserName account>
    RebootOnCompletion=yes

  • For removal of AD DS from the last domain controller in a domain, the following options apply:

    [DCINSTALL]
    UserName=<An administrative account in the parent domain>
    UserDomain=<The domain name of the UserName account>
    Password=<The password for the UserName account> Specify * to prompt the user for credentials during the installation.
    IsLastDCInDomain=yes
    AdministratorPassword=<The local administrator password for the server>
    RemoveApplicationPartitions=If you want to remove the partitions, specify "yes" (no quotation marks) for this entry. If you want to keep the partitions, this entry is optional.
    RemoveDNSDelegation=yes
    DNSDelegationUserName=<The DNS server administrative account for the DNS zone that contains the DNS delegation>
    DNSDelegationPassword=<The password for the DNS server administrative account>
    RebootOnCompletion=yes

  • For removal of the last domain controller in a forest, the following options apply:

    [DCINSTALL]
    UserName=<An administrative account in the parent domain>
    UserDomain=<The domain name of the UserName account>
    Password=<The password for the UserName account> Specify * to prompt the user for credentials during the installation.
    IsLastDCInDomain=yes
    AdministratorPassword=<The local administrator password for the server>
    RemoveApplicationPartitions=If you want to remove the partitions, specify "yes" (no quotation marks) for this entry. If you want to keep the partitions, this entry is optional.
    RemoveDNSDelegation=yes
    DNSDelegationUserName=<The DNS server administrative account for the DNS zone that contains the DNS delegation>
    DNSDelegationPassword=<The password for the DNS server administrative account>
    RebootOnCompletion=yes

How to use unattended mode to install and remove Active Directory Domain Services on Windows Server 2008-based domain controllers

Advertisements

Download EasyBCD 2.1.1 – NeoSmart Technologies November 23, 2011

Posted by John Ruby in Software, Utilities.
2 comments

 

EasyBCD is NeoSmart Technologies’ multiple award-winning answer to taking control of your bootloader. EasyBCD extends and revamps the Windows Vista/Windows 7 BCD bootloader, and with EasyBCD, almost anything is possible. Setting up and configuring a dual-boot between Windows 7, Windows Vista, older versions of Windows such as XP & 2003, Linux, Ubuntu, BSD, and Mac OS X is a breeze. You just point & click and EasyBCD does the rest. EasyBCD is free for all private, non-commercial use. For non-private/commercial/for-profit use, please purchase a license from our online store.

EasyBCD is geared for users of all kinds. Whether you just want to add an entry to your old XP partition or want to create a duplicate for testing purposes; if you’re interested in debugging the Windows Kernel or septuple-booting your seven test operating systems, EasyBCD is the key.

  • Boot into XP/Vista/7/Ubuntu/OS X and more!
  • Boot from USB, Network, ISO images, Virtual Harddisks (VHD), WinPE, and more!
  • Repair the Windows bootloader, change your boot drive, create a bootable USB, and more!
  • Rename entries, set default boot target, change BCD timeout, hide the boot menu, and more!
  • Create your own custom boot sequence, hide drives on boot, backup and restore configurations, and more!

EasyBCD is used and/or recommended by Microsoft, PC-World, PC-Magazine, Softpedia, PC-Welt, Activision, and hundreds more! Don’t get left out – download it today, it’s free!!

Download EasyBCD 2.1.1 – NeoSmart Technologies

Creating Scheduled Tasks for Exchange 2010 PowerShell Scripts November 10, 2011

Posted by John Ruby in Solutions, Troubleshooting & Knowledge Bases.
add a comment

 

Creating Scheduled Tasks for Exchange 2010 PowerShell Scripts

by Mike Pfeiffer on February 22, 2010

The process for scheduling Exchange 2010 PowerShell scripts with Windows Task Scheduler is different that what you may be used to in Exchange 2007. This is because Exchange 2010 uses PowerShell remoting for Exchange Management Shell administration. In this post I’ll go over how you can schedule PowerShell scripts for Exchange 2010 tasks.

Here are a few things you’ll want to take note of before getting started.

  • Tasks can be scheduled with or without the Exchange tools installed – since all PowerShell management is done via remoting, we can schedule the tasks to run on a workstation, or on an Exchange server.
  • Script signing – as a best practice, you may want to consider signing your scripts.
  • Execution Policy – the PowerShell execution policy is set to remotesigned automatically when you install Exchange. You may need to set your execution policy if you’ll be scheduling tasks to run from a machine without the Exchange tools installed.
PowerShell Command Syntax for Scheduling Tasks on a Machine with the Exchange Management Tools Installed

The following command syntax is what you’ll want to use to schedule your task. You need to tell PowerShell to load the Exchange Management Shell environment before executing your script. This will give you access to all of the cmdlets, variables and functions that are loaded with Exchange Management Shell. To schedule a .ps1 script to move mailboxes, the syntax would look something like this:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command ". ‘C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1’; Connect-ExchangeServer -auto; c:\Scripts\MoveMailboxes.ps1"

As you can see in the example, we’re using PowerShell code inside the command parameter. If you don’t want to use a .ps1 script you can embed your code within this parameter. Separate each line of PowerShell code using a semi colon. You might find this method useful for short scripts or one-liners. For example, say I want to schedule some mailbox moves from one DAG database to another, the syntax might look like this:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command ". ‘C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1’; Connect-ExchangeServer -auto; Get-Mailbox -Database DAGDB1 | New-MoveRequest -TargetDatabase DAGDB2"

These examples assume you used the default installation path for Exchange 2010; you may need to modify these commands to match your configuration.

PowerShell Command Syntax for Scheduling Tasks on a Machine Without the Exchange Management Tools Installed

To schedule PowerShell scripts we don’t actually need the Exchange tools installed, all we need is PowerShell v2. We can use implicit remoting to import the Exchange Management Shell cmdlets from a specific server. Take a look at the syntax:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command "$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://fab-ex2.fabrikam.local/PowerShell/ -Authentication Kerberos ; Import-PSSession $s ; Get-Mailbox -Database DB1 | New-MoveRequest -TargetDatabase DB2"

This is very similar to the previous example as we specify all of our code within the command parameter. This time we create a new PSSession, import the PSSession, and then perform the mailbox move.

Scheduling a Task

Now that we’ve got the syntax figured out, we’re ready to schedule a PowerShell task using the Windows Task Scheduler. In this example we’ll schedule a task to do a mailbox move after hours, we’ll do this from the Exchange server.

First, start the task scheduler and create a new basic task.

Give your task a name, in this example we’ll name it "Move Mailbox", click next.

In this example, we are just scheduling a mailbox move, so we’ll choose "One time". If you have a script that needs to run daily then adjust the schedule accordingly.

Select the date and time you want to run the script and click next.

Select "Start a program" and click next.

Now paste the entire command into the "Program/Script" field and click next.

The task scheduler will ask if you want to run PowerShell.exe with the arguments specified. Verify that the syntax is correct and click yes.

That will bring you to the last screen, click finish.

There you go, you now have an Exchange PowerShell task scheduled to run.

If you have User Account Control (UAC) enabled, you may need to enable the option to Run with highest privileges in the properties of the scheduled task. Also, you will probably want to enable the option to Run whether user is logged on or not in the properties of the scheduled task.

Creating Scheduled Tasks for Exchange 2010 PowerShell Scripts

Acrobat Reader X Silent Installation November 10, 2011

Posted by John Ruby in Solutions, Troubleshooting & Knowledge Bases.
add a comment

 

/sAll       Silent Mode for product
/sPB               Silent Mode with Progress Bar for product
/rs                Reboot Suppress
/rps               Reboot Prompt Suppress
/ini "PATH"        Alternative initialization file
/sl "LANG_ID"      Set Language; LANG_ID - Code in decimal digits
/l                 Enable Error Logging
/msi[Command line] Parameters for MSIEXEC

If you want to do a silent installation, just type this:

AdbeRdr1000_en_US.exe /sAll /rs

This command installs Acrobat Reader X in silent mode and rebooting after installation is suppressed.

Acrobat Reader X Silent Installation | kombitz.com

Configuring a Server Core installation: Overview November 10, 2011

Posted by John Ruby in Solutions, Troubleshooting & Knowledge Bases.
add a comment

 

Configuring a Server Core installation: Overview

Configuring a Server Core installation: Overview

Because a Server Core installation does not include the Windows user interface, there is no "out-of-box experience" to help you complete the server configuration. Instead you must manually complete the configuration using the command-line tools as outlined in the following steps.

You can also configure certain aspects using the Server Configuration tool. To use the tool, see Configuring a Server Core installation of Windows Server 2008 R2 with Sconfig.cmd.

noteNote

You can use an unattended setup to configure these settings during installation. For more information about unattended settings, see the Windows Automated Installation Kit (Windows AIK) (http://go.microsoft.com/fwlink/?LinkId=81030).

Administrative credentials

If you are going to join a server running a Server Core installation to an existing Windows domain, you need a user name and password for an account that has the administrative credentials to join a computer to the domain.

Known issues for configuring a Server Core installation
  • If you close all command prompts, you will have no way to manage the Server Core installation. To recover, you can press CTRL+ALT+DELETE, click Start Task Manager, click File, click Run, and type cmd.exe. Alternatively, you can log off and log back on again.
  • Because there is no Web browser, you cannot activate a Server Core installation or access the Internet through a firewall that requires users to log on.

Steps for configuring a Server Core installation

The following procedures explain how to configure a computer running a Server Core installation. You’ll need to:

  • Set the administrative password.
  • Set a static IP address.

noteNote

A DHCP address is provided by default. You should perform this procedure only if you need to set a static IP address.

  • Join a domain.
  • Activate the server and entering a product key, if required.
  • Configure the firewall.
  • Configure several aspects with one tool (Windows Server 2008 R2 only).

To set the administrative password in Windows Server 2008

  1. When your computer starts for the first time after the installation completes, press CTRL+ALT+DELETE. Type Administrator for the user name and leave the password blank.

  2. The system will inform you that the password has expired and will prompt you to enter a new password.

  3. Type an appropriate password.

To set the administrative password in Windows Server 2008 R2

  1. When your computer starts for the first time after the installation completes, the system will inform you that the user’s password must be changed before logging on for the first time. Click OK.

  2. The system will prompt you to enter a password.

  3. Type an appropriate password.

To set a static IP address

  1. At a command prompt, type the following:

    netsh interface ipv4 show interfaces

  2. Make a note of the number shown in the Idx column of the output for your network adapter. If your computer has more than one network adapter, make a note of the number corresponding to the network adapter for which you wish to set a static IP address.

  3. At the command prompt, type:

    netsh interface ipv4 set address name="<ID>" source=static address=<StaticIP> mask=<SubnetMask> gateway=<DefaultGateway>

    Where:

    ID is the number from step 2 above.

    StaticIP is the static IP address that you are setting.

    SubnetMask is the subnet mask for the IP address.

    DefaultGateway is the default gateway.

  4. At the command prompt, type:

    netsh interface ipv4 add dnsserver name="<ID>" address=<DNSIP>index=1

    Where:

    ID is the number from step 2 above.

    DNSIP is the IP address of your DNS server.

  5. Repeat step 4 for each DNS server that you want to set, incrementing the index= number each time.

noteNote

If you set the static IP address on the wrong network adapter, you can change back to using the DHCP address supplied by using the following command:

netsh interface ipv4 set address name="<ID>" source=dhcp

where ID is the number of the network adapter from Step 2.

To join a domain

  1. At a command prompt, type:

    netdom join <ComputerName> /domain:<DomainName> /userd:<UserName> /passwordd:*

    Where:

    ComputerName is the name of the server that is running the Server Core installation.

    DomainName is the name of the domain to join.

    UserName is a domain user account with permission to join the domain.

  2. When prompted to enter the password, type the password for the domain user account specified by UserName.

  3. If you need to add a domain user account to the local Administrators group, type the following command:

    net localgroup administrators /add <DomainName>\<UserName>

  4. Restart the computer. You can do this by typing the following at a command prompt:

    shutdown /r /t 0

To rename the server

  1. Determine the current name of the server with the hostname or ipconfig command.

  2. At a command prompt, type:

    netdom renamecomputer <ComputerName> /NewName:<NewComputerName>

  3. Restart the computer.

To activate the server

  • For Windows Server 2008 R2, enter a product key by typing the following at a command prompt:

    slmgr.vbs –ipk<productkey>

    Then, for both Windows Server 2008 R2 and Windows Server 2008, activate the server by typing the following at a command prompt:

    slmgr.vbs -ato

If activation is successful, no message will return in the command prompt.

noteNote

You can also activate by phone, using a Key Management Service (KMS) server, or remotely by typing the following command at a command prompt of a computer that is running Windows Vista or Windows Server 2008:

cscript windows\system32\slmgr.vbs <ServerName> <UserName> <password>:-ato

To configure the firewall

  • Use the netsh advfirewall command. For example, to enable remote management from any MMC snap-in, type the following:

    netsh advfirewall firewall set rule group="Remote Administration" new enable=yes

noteNote

You can also use the Windows Firewall snap-in from a computer running Windows Vista or Windows Server 2008 to remotely manage the firewall on a server running a Server Core installation. To do this, you must first enable remote management of the firewall by running the following command on the computer running a Server Core installation:

netsh advfirewall set currentprofile settings remotemanagement enable

Configuring a Server Core installation: Overview