Using AWS as lab space for Active Directory

My current adventure is providing guidance and coaching to 20+ junior sysadmins who have no experience with Active Directory.

 

I’ve had to do testing of some scripts for DNS settings from the command line, so I made up this little PowerShell script to use in the AWS user data section. The other advantage of this script is that it’s a simple cut and paste if you want to do it on an existing machine. Just get rid of the <powershell> tags at the start and end of the file once you get a system up and running.

 

As you can see, the longest part of the script is writing the unattend.txt file for the dcpromo.

<powershell>
# This should be able to be pasted into an AWS system startup script, or use it
# without the <powershell> tags on an existing system to make it a DC


import-module ServerManager
add-windowsfeature DNS, GPMC
add-windowsfeature AD-Domain-Services, ADDS-Domain-Controller

# Create newforest-dcpromo.txt, the answer file that dcpromo reads
$Unattendfile = "newforest-dcpromo.txt"

add-content $Unattendfile "[DCINSTALL]"
add-content $Unattendfile "InstallDNS=yes"
add-content $Unattendfile "NewDomain=forest"
add-content $Unattendfile "NewDomainDNSName=YOURDOMAIN.local"
add-content $Unattendfile "DomainNetBiosName=YOURDOMAIN"
add-content $Unattendfile "SiteName=Default-First-Site-Name"
add-content $Unattendfile "ReplicaOrNewDomain=domain"
add-content $Unattendfile "ForestLevel=3"
add-content $Unattendfile "DomainLevel=3"
add-content $Unattendfile "DatabasePath=""%systemroot%\NTDS"""
add-content $Unattendfile "LogPath=""%systemroot%\NTDS"""
add-content $Unattendfile "RebootOnCompletion=yes"
add-content $Unattendfile "SYSVOLPath=""%systemroot%\SYSVOL"""
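# Placeholder: this is the Directory Services Restore Mode password. EC2 user data
# is stored unencrypted and is readable from inside the instance, so use a lab-only value.
add-content $Unattendfile "SafeModeAdminPassword=TheOopsPasswordGoesHere"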
add-content $Unattendfile "`n"


# The domain admin password will be whatever the local Administrator password is

dcpromo /unattend:newforest-dcpromo.txt
</powershell>

So what’s next? Making this into a PowerShell script that I can run locally to do the entire server creation process.

 

Got One AWS test done.. what’s next?

Passed my AWS Technical Architect test today..

 

Solutions Architect-Associate

 

So they give you this nice pretty logo, who hoo.. Who knows? Maybe I’ll add the other two AWS certs to the bottom of this list and then become a follower of amazon web.

 

But I have to spend time and play with Azure now to see how that compares to AWS. It’s different, though: they only give you a free month, then you start paying, and Azure also seems more expensive…