Install Active Directory from PowerShell

This post will detail how to install AD from PowerShell. This can be especially helpful for those wanting to use Server Core on the domain controllers instead of a server with a GUI. There are some basic commands that you will run to get it up and running, and from there, you can use remote tools to manage your AD. I did all of this using Windows Server 2012 R2 Core.

Why use Core?

There are many reasons to use Server Core instead of a server with a GUI. I prefer to use Core on anything that can handle it. Core is lighter, has a smaller attack surface, and requires fewer updates and reboots. Usually, you can use Core if the server is hosting basic Windows features, such as IIS, file services, domain controllers, etc. SQL servers are another good use of Core. Core might take some getting used to, but it’s worth it.

Installing a Domain

This is how to install a fresh Active Directory forest and domain. First, we need to enable the role. To do that, type “powershell” at the command prompt. This will launch PowerShell. Next, type “get-windowsfeature”. This will show you which features you have installed, as well as the necessary information to install more.


In this case, we need to install domain services, which has a feature name of “AD-Domain-Services”. We can install it by running “install-windowsfeature -name AD-Domain-Services”. After the bits are installed, we can run additional commands to install our domain.

Because this is a new forest and domain, we will use the forest command. Here is what you need:

Install-ADDSForest -DomainName <domain_name> -InstallDNS -DomainMode win2012r2 -ForestMode win2012r2 -DomainNetBIOSName <netbios name>

You need to fill in the appropriate values for domain_name and netbios name. There are also parameters for moving the database, sysvol, and logs. They are:


I also prefer to use the “-NoRebootOnCompletion” parameter so that I can read the output before the server restarts. Once you have your PowerShell line typed out, I encourage you to test it. Take your parameters and feed them to “Test-ADDSForestInstallation”. This will ensure that you have all of the right prerequisites, as well as parameters.
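As an added example (not from the original post), the test-then-install step can be scripted so that the promotion only runs when every prerequisite check reports success. The domain name, NetBIOS name and paths are placeholders, and -DatabasePath, -LogPath and -SysvolPath are the ADDSDeployment module's path parameters, named here as an assumption because the post does not list them.

```powershell
# Added example: validate the forest parameters, then promote only on success.
# All values marked "placeholder" are assumptions; replace them with your own.
Import-Module ADDSDeployment

$forestParams = @{
    DomainName        = 'corp.example.com'   # placeholder
    DomainNetbiosName = 'CORP'               # placeholder
    DomainMode        = 'Win2012R2'
    ForestMode        = 'Win2012R2'
    InstallDns        = $true
    DatabasePath      = 'D:\NTDS'            # placeholder path
    LogPath           = 'E:\NTDSLogs'        # placeholder path
    SysvolPath        = 'D:\SYSVOL'          # placeholder path
    # Prompt once for the DSRM password so the same value is tested and installed.
    SafeModeAdministratorPassword = (Read-Host -AsSecureString 'DSRM password')
}

# Run the prerequisite checks with exactly the parameters that will be installed.
$results = Test-ADDSForestInstallation @forestParams

# Each result object carries a Status and a Message; stop on anything but Success.
$failed = $results | Where-Object { $_.Status -ne 'Success' }
if ($failed) {
    $failed | Format-List Message, Context, Status
    throw 'Prerequisite check failed; nothing was installed.'
}

# Checks passed: promote, but leave the reboot to the operator so the output can be read.
Install-ADDSForest @forestParams -NoRebootOnCompletion
```

Warnings from the test are written to the warning stream, so review them before confirming the install prompt.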

Build Account

After the domain is installed, I would suggest going ahead and building a domain admin account. This can be done with these commands:

New-ADUser <username> -Enabled $true -AccountPassword (Read-Host -AsSecureString "AccountPassword")
Add-ADGroupMember -Identity "Domain Admins" -Members "<username>"

Be sure to feed these commands a username. The important part is the accountpassword parameter. Because you have a fresh domain, the default password policy is in place. You cannot create an account with a blank password and then set it from the GUI later. Also, the command will not accept passwords in plain text, hence the read-host with the secure string setting.

Add a Second Controller

Once the domain is installed, we can add a second domain controller fairly easily. Join the server that will act as your second controller to your domain. Add the AD-Domain-Services role, just as we did earlier. Run this PowerShell command, filling in the appropriate information:

Install-ADDSDomainController -DomainName <domain_name> -InstallDNS -NoRebootOnCompletion -ReplicationSourceDC "<FQDN of first controller>"

You can also add the additional database, log, and sysvol parameters to this command. I would also recommend testing your command first using “Test-ADDSDomainControllerInstallation”.

Now you have a functioning domain installed on Server Core using PowerShell.


