as8070

Reputation: 1

PowerShell Script Install-ADDSDomainController Error

I'm having an issue with a PowerShell script I am writing to automate Domain Controller promotions in AD.

I get the following error when it is run:

Install-ADDSDomainController : Object reference not set to an instance of an object.
+ Install-ADDSDomainController -InstallDns -DomainName "$localdomain" - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [Install-ADDSDomainController], NullReferenceException
+ FullyQualifiedErrorId : System.NullReferenceException,Microsoft.DirectoryServices.Deployment.PowerShell.Commands.InstallADDSDomainControllerCommand

This is the PowerShell script I wrote:

$Network = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE
$defaultgateway = ($Network.DefaultIPGateway -like "*.*.*.*")

$localsitedc = switch ($defaultgateway)
{
 "192.168.40.1"   {"DC0.east.contestco.local"}
 "192.168.41.1"   {"DC0.west.contestco.local"}
 "192.168.42.1"   {"DC0.north.contestco.local"}
 "192.168.43.1"   {"DC0.south.contestco.local"}
 "192.168.48.1"   {"DC0.mobile.contestco.local"}
}

$localdomain = "{1}" -f ($localsitedc.Split(".",2))

$seclocalpasswd = ConvertTo-SecureString "MySecretLocalPassword" -AsPlainText -Force
$secadmpasswd = ConvertTo-SecureString "MySecretADPassword" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ("CONTESTCO\Administrator", $secadmpasswd)

Install-ADDSDomainController -InstallDns -DomainName $localdomain -ReplicationSourceDC $localsitedc -SafeModeAdministratorPassword $seclocalpasswd -Credential $mycreds

Any help would be appreciated.

Thanks

Upvotes: 0

Views: 602

Answers (2)

as8070

Reputation: 1

I found that "-Force" was needed at the end of the Install-ADDSDomainController command. I forgot this command asked questions that the user needed to answer.

Upvotes: 0
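
An added example, not part of the original posts: the question's script with `-Force` applied as this answer describes, the two passwords prompted for instead of stored in the file, and a guard for a gateway that matches no site. The site map and account name are copied from the question; the variable names and the interactive prompts are assumptions, so an operator has to be at the console when it runs.

```powershell
# Added example. Site map and account name come from the question's script.
$siteDcByGateway = @{
    '192.168.40.1' = 'DC0.east.contestco.local'
    '192.168.41.1' = 'DC0.west.contestco.local'
    '192.168.42.1' = 'DC0.north.contestco.local'
    '192.168.43.1' = 'DC0.south.contestco.local'
    '192.168.48.1' = 'DC0.mobile.contestco.local'
}

# Keep only IPv4 default gateways that have an entry in the site map.
$knownGateways = Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=TRUE' |
    ForEach-Object { $_.DefaultIPGateway } |
    Where-Object { $_ -like '*.*.*.*' -and $siteDcByGateway.ContainsKey($_) }

# Stop here rather than calling .Split() on $null further down.
if (-not $knownGateways) {
    throw 'No default gateway on this machine matches a known site.'
}

$localSiteDc = $siteDcByGateway[@($knownGateways)[0]]
$localDomain = $localSiteDc.Split('.', 2)[1]   # e.g. east.contestco.local

# Prompt for secrets so no password is written into the script file.
$dsrmPassword = Read-Host -Prompt 'DSRM (safe mode) password' -AsSecureString
$adCredential = Get-Credential -UserName 'CONTESTCO\Administrator' `
    -Message "Account used to promote a DC in $localDomain"

$promoArgs = @{
    InstallDns                    = $true
    DomainName                    = $localDomain
    ReplicationSourceDC           = $localSiteDc
    SafeModeAdministratorPassword = $dsrmPassword
    Credential                    = $adCredential
}

# Run the prerequisite checks first; they change nothing on the machine.
Test-ADDSDomainControllerInstallation @promoArgs | Format-List

# -Force suppresses the confirmation prompts mentioned in the answer above.
Install-ADDSDomainController @promoArgs -Force
```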

ErkinD39

Reputation: 388

Please check that:

The machine you are installing as a DC has a gateway set and its DNS server points to a working DC/DNS server as listed in the post.

The machine you are installing as a DC has the necessary ports open to other sites as well (AD, LDAP, DNS ports); in the initial communication it may have to communicate with DNS servers for forest-wide queries. You may verify this with netstat -bn on the machine and check for a SYN_SENT status of an outgoing connection. You may refer to https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/config-firewall-for-ad-domains-and-trusts.

From the post, I understand that there are regional Active Directory domains in a single AD forest. Please ensure that AD replication between sites/domains is successful and also that FSMO roles are in place and active. For the AD replication check, repadmin /replsummary may be used. For the FSMO roles, the netdom query fsmo command may be used. Every domain should have the three FSMO roles of its own domain and should be able to communicate with the two FSMO roles for the forest, which are located in the root domain of the forest.

Upvotes: 0
