Saturday, August 20, 2011

Unattended Installation of Active Directory Domain Services

Introduction
Unattended installation means no user interaction, and that is exactly what we are going to do in this article: we will set up our first domain controller without going through Server Manager or the Active Directory Domain Services Installation Wizard that follows executing the dcpromo command.


Note: This article was written when Windows Server 2008 was still RC1. Changes might occur later once the product is RTM'd.

In a previous article, Setting Up Your First Domain Controller With Windows Server 2008, we set up a domain controller by executing the dcpromo command and then going through the Active Directory Domain Services Installation Wizard. At the end of the wizard, on the Summary page of the Active Directory Domain Services Installation Wizard, you can click Export settings to save the settings that you specified in the wizard to an answer file. You can then use the answer file to automate subsequent installations of Active Directory Domain Services (AD DS).
The answer file is a plain text file with a [DCInstall] header. The answer file provides answers to the questions that are asked by the Active Directory Domain Services Installation Wizard. Using the answer file eliminates the need for an administrator to interact with the wizard. The Active Directory Domain Services Installation Wizard adds text to the answer file that explains how to use it, such as how to invoke it with the dcpromo command and which settings must be updated to use it.

To use an answer file to install AD DS, type the following command at a command prompt, and then press ENTER:
dcpromo /answer[:filename]

or

dcpromo /unattend[:filename]

where filename is the name of your answer file.
The answer file to set up a new forest would look like this:
; DCPROMO unattended file
; Usage:
; dcpromo.exe /unattend:C:\answer_file.txt
; or dcpromo.exe /answer:C:\answer_file.txt
;
[DCInstall]
; New forest promotion
ReplicaOrNewDomain=Domain
NewDomain=Forest                   
NewDomainDNSName=elmajdal.net
ForestLevel=3
DomainNetbiosName=ELMAJDAL
DomainLevel=3
InstallDNS=Yes
ConfirmGc=Yes
CreateDNSDelegation=No
DatabasePath="C:\Windows\NTDS"
LogPath="C:\Windows\NTDS"
SYSVOLPath="C:\Windows\SYSVOL"
; Set SafeModeAdminPassword to the correct value prior to using the unattend file
SafeModeAdminPassword=MyPassword23$
; Run-time flags (optional)
; RebootOnCompletion=Yes
Download it from here, and make sure that you adjust it to the configuration that you need.
For example:
  • NewDomainDNSName=elmajdal.net: replace elmajdal.net with the domain name you want.
  • ForestLevel=3: this means the Forest Functional Level will be set to Windows Server 2008. If you want Windows Server 2003, set it to 2, whereas the Windows 2000 Server level is 1.
  • DomainNetbiosName=ELMAJDAL: this is the NetBIOS name of my domain elmajdal.net. Replace it with the NetBIOS name of your domain.
  • DomainLevel=3: this means the Domain Functional Level will be set to Windows Server 2008. If you want Windows Server 2003, set it to 2, whereas the Windows 2000 Server level is 1.
  • InstallDNS=Yes: the DNS Server service will be installed on your DC. If you do not wish to set up your DC as a DNS server as well, set it to No.
  • DatabasePath="C:\Windows\NTDS"
    LogPath="C:\Windows\NTDS"
    SYSVOLPath="C:\Windows\SYSVOL"

    Either change the path where each of the above will be stored or keep the defaults.
  • SafeModeAdminPassword=MyPassword23$: the password must meet the complexity requirements of the password policy, that is, it must contain a combination of uppercase and lowercase letters, numbers, and symbols. This is the Directory Services Restore Mode (DSRM) administrator password and it sits in the answer file in plain text, so replace the sample value and keep the file readable only by administrators.
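
A pre-flight check for the customized answer file, as an added example that is not part of the original article: it parses the [DCInstall] section and reports missing settings and a SafeModeAdminPassword that is still the published sample or does not meet the complexity rule described above. The function name Test-DcPromoAnswerFile and the list of required keys are assumptions based on the sample file, and the sample input is constructed.

```powershell
# Added example, not the article's code. The function name and the list of
# required keys are assumptions based on the sample answer file shown above.
function Test-DcPromoAnswerFile {
    param([string[]]$Lines)

    # Collect key=value pairs under [DCInstall]; lines starting with ';' are comments.
    $settings = @{}
    $inSection = $false
    foreach ($raw in $Lines) {
        $line = $raw.Trim()
        if ($line -eq '' -or $line.StartsWith(';')) { continue }
        if ($line -match '^\[(.+)\]$') { $inSection = ($Matches[1] -eq 'DCInstall'); continue }
        if ($inSection -and $line -match '^([^=]+)=(.*)$') {
            $settings[$Matches[1].Trim()] = $Matches[2].Trim().Trim('"')
        }
    }

    $findings = @()
    $required = 'ReplicaOrNewDomain', 'NewDomain', 'NewDomainDNSName',
                'DomainNetbiosName', 'SafeModeAdminPassword'
    foreach ($key in $required) {
        if (-not $settings[$key]) { $findings += "Missing or empty: $key" }
    }

    $pw = $settings['SafeModeAdminPassword']
    if ($pw) {
        # The value printed in the article must never reach a real domain controller.
        if ($pw -ceq 'MyPassword23$') { $findings += 'SafeModeAdminPassword is the published sample value' }
        # Complexity as the article describes it: uppercase, lowercase, number, symbol.
        foreach ($class in '[A-Z]', '[a-z]', '[0-9]', '[^A-Za-z0-9]') {
            if ($pw -cnotmatch $class) { $findings += "SafeModeAdminPassword has no character matching $class" }
        }
    }
    return $findings
}

# Constructed sample input: the article's file with DomainNetbiosName left out.
$sample = @'
[DCInstall]
; New forest promotion
ReplicaOrNewDomain=Domain
NewDomain=Forest
NewDomainDNSName=elmajdal.net
InstallDNS=Yes
DatabasePath="C:\Windows\NTDS"
SafeModeAdminPassword=MyPassword23$
'@ -split '\r?\n'

@(Test-DcPromoAnswerFile -Lines $sample) | ForEach-Object { "FINDING: $_" }
```

For a real file, pass `(Get-Content C:\answer_file.txt)` as `-Lines`. An empty result only means none of these checks fired, not that dcpromo will accept the file.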
Now that you have customized the answer file, let's run it and enjoy a cup of coffee while the server is being set up as our first domain controller.
  1. Run the answer file. I have saved the answer file in the root of the C: drive, so I will run it using: dcpromo.exe /unattend:C:\answer_file.txt
  2. The installation of AD DS starts by checking whether the Active Directory Domain Services binaries are installed.
  3. If the binaries are not found, the system installs them. They may already be present if you ran the dcpromo command previously and then canceled the operation after the binaries were installed.
  4. The environment and parameters are validated.
  5. DNS installation starts, because we have InstallDNS=Yes in the answer file.
  6. When the DNS Server service installation is completed, the system checks whether the Group Policy Management Console (GPMC) is installed and installs it if it is not already present.
  7. The SYSVOL folder is created, and the local computer is configured to host Active Directory Domain Services by creating the directory partition.
  8. The AD objects are created, and the AD installation is completed.
  9. A few services are configured, along with security settings.
  10. Once the setup is completed, the server will automatically reboot (RebootOnCompletion=Yes).

Summary
Performing an unattended installation using an answer file is easy and requires no user interaction. The answer file eliminates the need for an administrator to interact with the wizard, and it can be used to automate subsequent installations of Active Directory Domain Services.
 
