Okay, so I posted the traditional way of handling this, with a BATCH file.
But, in reality, all I did was use a BATCH file to in turn process a PowerShell script. I considered this silly. There must be a way to process the PowerShell script without having to use the BATCH script.
I mean, come on. This is Server 2012 I am using and PowerShell v3. Yes, I know there are some advanced things that can be done with BATCH scripting (I have done some in my history), but think out of the box here.
So, I spent bunches of time playing around with this (so you wouldn’t have to (if you stumbled on my post)).
In the end, it wasn’t that difficult, just had to think about things a bit differently.
Oh, and one important thing I left out of my previous post. Use a local administrator Run As account for adding the local administrator admin credentials to the OS and the same Run As account a second time to process the scripts.
So, here is the script the PowerShell way:
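# Build a domain controller and the test domain.
# Arguments arrive positionally, in the order given on the -file command line:
# domain name, NetBIOS name, safe mode administrator password.
param(
    [string]$domainName,
    [string]$netbiosName,
    [string]$safeModePass
)
# Add the RSAT tools
# Add the features (-IncludeManagementTools also installs the matching management tools)
Add-WindowsFeature AD-Domain-Services -IncludeAllSubFeature -IncludeManagementTools
Add-WindowsFeature DNS -IncludeAllSubFeature -IncludeManagementTools
Add-WindowsFeature GPMC -IncludeAllSubFeature -IncludeManagementTools
# convert the password to a secure string as required
# (it arrives as a plain-text argument, hence -AsPlainText -Force)
$secPass = ConvertTo-SecureString -String $safeModePass -AsPlainText -Force
# Create the Forest and Domain
Install-ADDSForest -CreateDnsDelegation:$false -DomainMode Win2012 -DomainName $domainName -DomainNetbiosName $netbiosName -ForestMode Win2012 -InstallDns -Force -SafeModeAdministratorPassword $secPass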
I know what you are thinking, that can be shortened. And my reply: yes, it can. And you advanced folks, go right ahead.
Now, in the Application Configuration of the Tier in the Service, there are two pre-install scripts.
The first pre-install script is to set script execution to RemoteSigned:
The executable program is: %WINDIR%\System32\WindowsPowerShell\v1.0\PowerShell.exe
And the Parameters are: -command set-executionpolicy remotesigned -force
(I don’t have a Run As account defined BTW).
The second pre-install script is everything above. But those are included in the Custom Resource Package as a .ps1 file.
The executable program is the same. The Parameters are different: -file .\DomainController.ps1 @DomainName@ @DomainNetbiosName@ @SafeModeAdministratorPassword@
And the Run As account is my local admin run as account profile. And the timeout needs to be turned up to about 600 seconds.
That is it. I tried it a few times. It works.
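A check to run on the server after the build, added here as an example and not part of the original post: it reports whether the three features are installed, whether the machine is a domain controller for the expected domain, and which execution policy the first pre-install script left at each scope. The function name Test-DcBuildState and the domain corp.example are assumptions.

```powershell
# Added example, not part of the original post. Run on the built server.
Import-Module ServerManager   # provides Get-WindowsFeature on Server 2012

function Test-DcBuildState {
    param(
        [Parameter(Mandatory = $true)]
        [string]$DomainName,
        [string[]]$FeatureName = @('AD-Domain-Services', 'DNS', 'GPMC'),
        [string]$ExpectedPolicy = 'RemoteSigned'
    )

    # Features requested by the build script that are not installed.
    $missing = @(Get-WindowsFeature -Name $FeatureName |
        Where-Object { -not $_.Installed } |
        ForEach-Object { $_.Name })

    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC.
    $cs = Get-WmiObject -Class Win32_ComputerSystem
    $isDc = $cs.DomainRole -ge 4

    # Policy stored at each scope; set-executionpolicy without -Scope
    # writes to LocalMachine, so the change outlives the deployment.
    $byScope = Get-ExecutionPolicy -List |
        ForEach-Object { '{0}={1}' -f $_.Scope, $_.ExecutionPolicy }

    [pscustomobject]@{
        MissingFeatures    = $missing -join ', '
        IsDomainController = $isDc
        DomainMatches      = ($cs.Domain -eq $DomainName)
        EffectivePolicy    = (Get-ExecutionPolicy).ToString()
        PolicyMatches      = ((Get-ExecutionPolicy) -eq $ExpectedPolicy)
        PolicyByScope      = $byScope -join '; '
    }
}

# 'corp.example' is a constructed sample value; use the name passed as @DomainName@.
Test-DcBuildState -DomainName 'corp.example' | Format-List
```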