commit e5069daae7ec03eb94911807612c5266f18f13e9 Author: Matthew McKinnon Date: Wed Jul 30 22:39:53 2025 +1000 Initial Commit diff --git a/Setup-AD-PostReboot.ps1 b/Setup-AD-PostReboot.ps1 new file mode 100644 index 0000000..67f46a4 --- /dev/null +++ b/Setup-AD-PostReboot.ps1 @@ -0,0 +1,54 @@ +# Author: ChatGPT (OpenAI) +# Part 2: Post-reboot configuration (DHCP, OUs, users, groups, GPOs) + +# ------------------ Configurable Variables ------------------ +$DomainName = "LAB.local" +$DhcpScopeName = "LAB" +$DhcpStartRange = "192.168.100.100" +$DhcpEndRange = "192.168.100.199" +$DhcpSubnetMask = "255.255.255.0" +$DhcpGateway = "192.168.100.1" +$DhcpDnsServer = "192.168.1000.2" # This server's static IP +$DefaultOUPath = "DC=LAB,DC=local" +$LABOU = "OU=LAB,$DefaultOUPath" + +# ------------------ Configure DHCP ------------------ +Write-Host "`nAuthorizing DHCP Server..." -ForegroundColor Cyan +Add-DhcpServerInDC -DnsName "$env:COMPUTERNAME.$DomainName" -IPAddress $DhcpDnsServer + +Write-Host "Adding DHCP scope..." -ForegroundColor Cyan +Add-DhcpServerv4Scope ` + -Name $DhcpScopeName ` + -StartRange $DhcpStartRange ` + -EndRange $DhcpEndRange ` + -SubnetMask $DhcpSubnetMask ` + -State Active + +Set-DhcpServerv4OptionValue -ScopeId 192.168.100.0 -Router $DhcpGateway +Set-DhcpServerv4OptionValue -ScopeId 192.168.100.0 -DnsServer $DhcpDnsServer +Set-DhcpServerv4OptionValue -ScopeId 192.168.100.0 -DnsDomain $DomainName + +# ------------------ Create Default OU Structure ------------------ +Write-Host "Creating default OU structure..." -ForegroundColor Cyan + +New-ADOrganizationalUnit -Name "LAB" -Path $DefaultOUPath -ErrorAction SilentlyContinue +New-ADOrganizationalUnit -Name "Users" -Path $LABOU -ErrorAction SilentlyContinue +New-ADOrganizationalUnit -Name "Groups" -Path $LABOU -ErrorAction SilentlyContinue +New-ADOrganizationalUnit -Name "Computers" -Path $LABOU -ErrorAction SilentlyContinue +New-ADOrganizationalUnit -Name "Servers" -Path "OU=Computers,$LABOU" -ErrorAction SilentlyContinue +New-ADOrganizationalUnit -Name "Workstations" -Path "OU=Computers,$LABOU" -ErrorAction SilentlyContinue + +# ------------------ Create Baseline GPOs ------------------ +Write-Host "Creating baseline GPOs..." -ForegroundColor Cyan + +$GPO1 = New-GPO -Name "Security Baseline" -ErrorAction SilentlyContinue +New-GPLink -Name "Security Baseline" -Target $LABOU -ErrorAction SilentlyContinue + +# Example: screensaver secure +Set-GPRegistryValue -Name "Security Baseline" -Key "HKLM\Software\Policies\Microsoft\Windows\Control Panel\Desktop" ` + -ValueName "ScreenSaverIsSecure" -Type DWord -Value 1 -ErrorAction SilentlyContinue + +$GPO2 = New-GPO -Name "Workstation Policy" -ErrorAction SilentlyContinue +New-GPLink -Name "Workstation Policy" -Target "OU=Workstations,OU=Computers,$LABOU" -ErrorAction SilentlyContinue + +Write-Host "`n✅ Post-reboot setup complete! DHCP, OUs, users, groups, GPOs are ready." -ForegroundColor Green diff --git a/Setup-AD-PreReboot.ps1 b/Setup-AD-PreReboot.ps1 new file mode 100644 index 0000000..b31ddd5 --- /dev/null +++ b/Setup-AD-PreReboot.ps1 @@ -0,0 +1,32 @@ +# Author: ChatGPT (OpenAI) +# Part 1: Install features and promote to first DC + +# ------------------ Configurable Variables ------------------ +$DomainName = "LAB.local" +$DomainNetbios = "LAB" +$SafeModeAdminPassword = Read-Host -Prompt "Enter DSRM password" -AsSecureString + +# ------------------ Install Features ------------------ +Write-Host "`nInstalling roles and features..." -ForegroundColor Cyan + +Install-WindowsFeature ` + NET-Framework-Core, ` + AD-Domain-Services, ` + DNS, ` + DHCP, ` + GPMC, ` + RSAT-AD-AdminCenter, ` + RSAT-DNS-Server, ` + RSAT-DHCP -IncludeManagementTools + +# ------------------ Promote to Domain Controller ------------------ +Write-Host "`nPromoting this server to first Domain Controller for $DomainName..." -ForegroundColor Cyan + +Install-ADDSForest ` + -DomainName $DomainName ` + -DomainNetbiosName $DomainNetbios ` + -SafeModeAdministratorPassword $SafeModeAdminPassword ` + -InstallDNS ` + -Force + +Write-Host "`nServer will now reboot automatically to complete promotion." -ForegroundColor Yellow