Create Active Directory Forest via PowerShell

This blog covers creating a new Active Directory forest and adding a secondary domain controller to the domain via PowerShell.

Create Active Directory Forest

To create a new Active Directory (AD) forest, the below PowerShell commands can be run to simplify the process. To start off, run the below command to install the appropriate Windows Feature.

Run the below command to add the AD module into PowerShell now that it has been installed.

Once this has completed, it is time to create the AD forest. Adjust the below command to suit your own environment.

You will then be prompted to enter the SafeModeAdministratorPassword and again to verify it. Once this is entered you will see the console performing the operations and the server will eventually restart.

And that is pretty much it. Once the restart is finished you will be able to log in with your old local administrator (it is now the domain administrator) and configure your AD & DNS domain as you need.

Add Secondary Domain Controller

To create a secondary domain controller, ensure that your server has already joined the domain and you have completed all other post-provisioning tasks. To start off, run the below command to install the appropriate Windows Feature.

Run the below command to add the AD module into PowerShell now that it has been installed.

Once this has completed, it is time to join the server to the domain as a domain controller.

Once the server has restarted, you will be able to log into the domain controller as a domain administrator.
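
Both procedures above as one script, as an added example rather than the author's original commands: it installs the feature, loads the ADDSDeployment module, runs the built-in prerequisite test, and only then promotes the server. The domain name `corp.example.com`, the NetBIOS name `CORP` and the `-Role` parameter are assumptions made for illustration.

```powershell
# Added example. DomainName, NetbiosName and the Role parameter are placeholders.
param(
    [ValidateSet('NewForest', 'AdditionalDC')]
    [string]$Role = 'NewForest',
    [string]$DomainName = 'corp.example.com',   # assumed value, change for your environment
    [string]$NetbiosName = 'CORP'               # assumed value, only used for a new forest
)

$ErrorActionPreference = 'Stop'

# Install the AD DS role with its management tools, then load the deployment module.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null
Import-Module ADDSDeployment

# Read the DSRM password as a SecureString so it is never written into the
# script, the command history or a transcript.
$dsrm = Read-Host -Prompt 'SafeModeAdministratorPassword' -AsSecureString

$common = @{
    DomainName                    = $DomainName
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
}

if ($Role -eq 'NewForest') {
    $common.DomainNetbiosName = $NetbiosName
    $check = Test-ADDSForestInstallation @common
} else {
    # The server must already be joined to the domain; prompt for a domain admin account.
    $common.Credential = Get-Credential -Message "Domain administrator for $DomainName"
    $check = Test-ADDSDomainControllerInstallation @common
}

# Stop before changing anything if a prerequisite check reports an error.
$failed = $check | Where-Object { $_.Status -eq 'Error' }
if ($failed) {
    $failed | Format-List Message
    throw 'Prerequisite check failed; the server was not promoted.'
}

# -Force suppresses the confirmation prompt; the server restarts when promotion finishes.
if ($Role -eq 'NewForest') {
    Install-ADDSForest @common -Force
} else {
    Install-ADDSDomainController @common -Force
}
```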

One comment

  1. What a fantastically detailed post. This is the second time I have had to rebuild my homelab, and this saved me so much time. Guaranteed it’ll happen again after I tinker one too many times, so I’m sure I’ll be back!
