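# Promotes a server to Domain Controller through PowerShell remoting.
#
# Any error that is not handled by a Try/Catch below stops the script.
$ErrorActionPreference = "Stop"

# Variable definitions
$Domain = "dominio.Cliente"

# The two password files are read with ConvertTo-SecureString and no -Key, so
# decryption relies on Windows DPAPI: it only works for the same user on the
# same machine that produced the files with ConvertFrom-SecureString.
# NOTE(review): the ACL on C:\MIGRA is not visible here; confirm that only the
# migration operator can read it, and delete both files after the migration.
$FileLocal = "C:\MIGRA\SecureLocal.txt"
$UserLocal = "administrator"
$PassLocal = Get-Content $FileLocal | ConvertTo-SecureString
$FileCliente = "C:\MIGRA\SecureCliente.txt"
$UserCliente = "dominio\usuario"
$PassCliente = Get-Content $FileCliente | ConvertTo-SecureString

# Local credential.
# NOTE(review): $CredLocal is not referenced anywhere else in this script; only
# $PassLocal is used, as the DSRM (safe mode) password of the new DC.
$CredLocal = New-Object -TypeName System.Management.Automation.PSCredential `
    -ArgumentList $UserLocal, $PassLocal

# Customer (domain) credential
$CredCliente = New-Object -TypeName System.Management.Automation.PSCredential `
    -ArgumentList $UserCliente, $PassCliente

$FileCSV = "C:\MIGRA\Planilha_Migracao.csv"
$FolderIFMAD = "C:\MIGRA\IFMCliente"

# Read the CSV once so every field comes from the same row of the same file.
# The script is written for a single branch: with more than one row each field
# would become an array and Invoke-Command would target every listed host, so
# stop before anything is changed.
$Linha = @(Import-Csv $FileCSV -Delimiter ";")
if ($Linha.Count -ne 1) {
    throw "O arquivo $FileCSV deve conter exatamente uma linha de dados (encontradas: $($Linha.Count))."
}

# Parameters of this branch taken from the CSV row
$Hostname = $Linha[0].HostnameVM2
$EnderecoIP = $Linha[0].IPVM2
$ReplicationDC = $Linha[0].HOSTNAMEATUAL + "." + $Domain
$Computer = $Hostname
$CodFilial = $Linha[0].CODIGO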
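# Promote the server to Domain Controller and Global Catalog.
#
# Invoke-Command is called without -Credential, so the remote session runs as
# the user who started this script; the domain credential is handed to
# Install-ADDSDomainController itself.
# Local variables are not visible inside a remote script block: every value
# taken from this script must be referenced as $using:<name>. The replication
# source DC was previously passed as a plain $ReplicationDC, which is empty in
# the remote session.
# -NoRebootOnCompletion keeps the server up; the restart is done later in this
# script. -Force and -Confirm:$false suppress all prompts.
# NOTE(review): the DSRM password (-SafeModeAdministratorPassword) is the secret
# stored in SecureLocal.txt, i.e. the same one used to build $CredLocal.
# Consider a dedicated DSRM secret so that one leaked password does not grant
# both accesses.
Try {
    Invoke-Command -ComputerName $Computer -ScriptBlock {
        Import-Module ADDSDeployment;
        Install-ADDSDomainController `
            -NoGlobalCatalog:$false `
            -CriticalReplicationOnly:$false `
            -DatabasePath "C:\Windows\NTDS" `
            -DomainName $using:Domain `
            -InstallationMediaPath $using:FolderIFMAD `
            -InstallDns:$true `
            -LogPath "C:\Windows\NTDS" `
            -NoRebootOnCompletion:$true `
            -SysvolPath "C:\Windows\SYSVOL" `
            -ReplicationSourceDC $using:ReplicationDC `
            -Force:$true `
            -Credential $using:CredCliente `
            -Confirm:$false `
            -SafeModeAdministratorPassword $using:PassLocal
    }
}
Catch {
    Write-Host -ForegroundColor Red "Falha ao executar comando para promover domain controller!"
    Write-Host -ForegroundColor Red "Tente novamente ou promova manualmente."
    Write-Host -ForegroundColor Red "Mensagem de Erro: " $_.Exception.Message
    Write-Host -ForegroundColor Red "Item: " $_.Exception.ItemName
    # Nothing below makes sense without a promoted DC; leave with a non-zero
    # exit code so a calling script or scheduler can see the failure.
    Exit 1
}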
<# Disabled: manual checkpoint that asked the operator to confirm the promotion
   before the restart. The original statements are kept for reference.
Write-Host
Write-Host -ForegroundColor Yellow "Verifique se o computador foi promovido a Domain Controller e retorne"
Write-Host -ForegroundColor Yellow "a este script. Caso tenha sido, pressione <ENTER> aqui para reinicia-lo."
Write-Host -ForegroundColor Yellow "Caso nao, pressione CTRL-C agora neste script!"
$Nada = Read-Host#>

# Set "Strict Replication Consistency" = 1 (DWORD) under the NTDS parameters
# key of the new Domain Controller. The remote session runs as the user who
# started this script (no -Credential is given).
# A failure here is reported with manual instructions and the script goes on.
Write-Host "Inserindo chave especifica no registro do Domain Controller $Computer..."
Try {
    Invoke-Command -ComputerName $Computer -ScriptBlock {
        $Chave = @{
            Path         = "HKLM:\SYSTEM\CurrentControlSet\services\NTDS\Parameters"
            Name         = "Strict Replication Consistency"
            Value        = 1
            PropertyType = "DWord"
            Force        = $true
        }
        New-ItemProperty @Chave
    }
}
Catch {
    $Erro = $_.Exception
    Write-Host -ForegroundColor Red "Impossivel inserir chave especifica no AD!"
    Write-Host -ForegroundColor Red "Insira manualmente a chave:"
    Write-Host -ForegroundColor Red "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters"
    Write-Host -ForegroundColor Red "O nome eh 'Strict Replication Consistency', o valor eh 1 e o tipo eh DWORD."
    Write-Host
    Write-Host -ForegroundColor Red "Mensagem de Erro: " $Erro.Message
    Write-Host -ForegroundColor Red "Item: " $Erro.ItemName
    Write-Host
}
# Restart the new Domain Controller and wait until PowerShell answers again.
Write-Host -ForegroundColor Yellow "Reiniciando computador apos conclusao..."
Try {
    Restart-Computer -ComputerName $Computer -Wait -For PowerShell -Force -Confirm:$false
}
Catch {
    # The operator restarts the machine by hand; Pause holds the script until
    # a key is pressed.
    $Erro = $_.Exception
    Write-Host -ForegroundColor Red "Impossivel reiniciar o computador $Computer! Tente faze-lo manualmente"
    Write-Host -ForegroundColor Red "Apos reinicia-lo e fazer o logon em $Computer, volte aqui e pressione ENTER para continuar"
    Write-Host -ForegroundColor Red "Mensagem de Erro: " $Erro.Message
    Write-Host -ForegroundColor Red "Item: " $Erro.ItemName
    Write-Host
    Pause
}

# Fixed wait of 240 one-second steps with a progress bar. Nothing is probed on
# the remote side; the loop only gives Active Directory time to start.
Write-Host
Write-Host "Aguardando para que o Active Directory seja carregado em $Computer..."
$EsperaSegundos = 240
$i = 1
while ($i -le $EsperaSegundos) {
    $Fracao = $i / $EsperaSegundos * 100
    $Percentual = "{0:N0}" -f $Fracao
    Write-Progress -Activity "Aguardando que o Active Directory seja carregado em $Computer..." -Status "$Percentual% concluidos" -PercentComplete $Fracao
    Start-Sleep -Seconds 1
    $i++
}
# Configure AD replication partners (direction: branch -> DOMGV).
#
# The site name is the part of HOSTNAMEATUAL that precedes the first "_".
# NOTE(review): when HOSTNAMEATUAL has no "_", IndexOf returns -1 and Substring
# throws; this statement is outside any Try, so the script stops here.
$HostAtual = (Import-Csv $FileCSV -Delimiter ";").HOSTNAMEATUAL
$Site = $HostAtual.Substring(0, $HostAtual.IndexOf("_"))

Write-Host
Write-Host "Configurando parceiros de replicacao do AD (sentido agencia->DOMGV)..."
Try {
    Invoke-Command -ComputerName $Computer -Credential $CredCliente -ScriptBlock {
        # One inbound nTDSConnection per head-office server (site DIRGE) is
        # created under the NTDS Settings object of the new DC.
        # NOTE(review): the partner names and the DC=Cliente suffix are
        # hard-coded; confirm they match the target forest.
        $DestinoDN = "CN=NTDS Settings,CN=$using:Hostname,CN=Servers,CN=$using:Site,CN=Sites,CN=Configuration,DC=Cliente"
        foreach ($Parceiro in 'AG001_GER01', 'AG001_GER02', 'AG001_GER03', 'AG001_GER04', 'AG001_GER05') {
            $Atributos = @{
                options           = "0"
                fromServer        = "CN=NTDS Settings,CN=$Parceiro,CN=Servers,CN=DIRGE,CN=Sites,CN=Configuration,DC=Cliente"
                enabledConnection = "TRUE"
            }
            New-ADObject -Name $Parceiro -Type 'nTDSConnection' -OtherAttributes $Atributos -Path $DestinoDN
        }
    }
}
Catch {
    # Best effort: report the failure and continue with the next step.
    $Erro = $_.Exception
    Write-Host -ForegroundColor Red "Impossivel configurar parceiros de replicao no AD sentido agencia->DOMGV!"
    Write-Host -ForegroundColor Red "Realize esta configuracao manualmente."
    Write-Host
    Write-Host -ForegroundColor Red "Mensagem de Erro: " $Erro.Message
    Write-Host -ForegroundColor Red "Item: " $Erro.ItemName
}
# Configure AD replication partners (direction: DOMGV -> branch).
# Relies on $Hostname and $Site assigned earlier in this script.
Write-Host
Write-Host "Configurando parceiros de replicacao do AD (sentido DOMGV->agencia)..."
Try {
    Invoke-Command -ComputerName $Computer -Credential $CredCliente -ScriptBlock {
        # Under the NTDS Settings object of each head-office server (site
        # DIRGE), create a connection whose source is the new DC.
        $OrigemDN = "CN=NTDS Settings,CN=$using:Hostname,CN=Servers,CN=$using:Site,CN=Sites,CN=Configuration,DC=Cliente"
        foreach ($Parceiro in 'AG001_GER01', 'AG001_GER02', 'AG001_GER03', 'AG001_GER04', 'AG001_GER05') {
            $Atributos = @{
                options           = "0"
                fromServer        = $OrigemDN
                enabledConnection = "TRUE"
            }
            $DestinoDN = "CN=NTDS Settings,CN=$Parceiro,CN=Servers,CN=DIRGE,CN=Sites,CN=Configuration,DC=Cliente"
            New-ADObject -Name "$using:Hostname" -Type 'nTDSConnection' -OtherAttributes $Atributos -Path $DestinoDN
        }
    }
}
Catch {
    # Best effort: report the failure and continue with the next step.
    $Erro = $_.Exception
    Write-Host -ForegroundColor Red "Impossivel configurar parceiros de replicao no AD sentido DOMGV->filial!"
    Write-Host -ForegroundColor Red "Realize esta configuracao manualmente."
    Write-Host
    Write-Host -ForegroundColor Red "Mensagem de Erro: " $Erro.Message
    Write-Host -ForegroundColor Red "Item: " $Erro.ItemName
}
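# Point the DNS client of VM2 (the new DC) and of this host at the servers
# listed in the CSV (columns DNS1HOST..DNS5HOST).
#
# NOTE(review): the resolver addresses of a domain controller come straight
# from the spreadsheet; whoever can edit that file decides which DNS servers
# the DC and this host will trust. Confirm the file is write-protected.
$LinhaDNS = Import-Csv $FileCSV -Delimiter ";"

# Drop blank columns so that no empty entry is handed to
# SetDNSServerSearchOrder.
[String[]]$DNS = @(
    @($LinhaDNS.DNS1HOST, $LinhaDNS.DNS2HOST, $LinhaDNS.DNS3HOST, $LinhaDNS.DNS4HOST, $LinhaDNS.DNS5HOST) |
        Where-Object { -not [String]::IsNullOrWhiteSpace($_) }
)

if ($DNS.Count -eq 0) {
    # Calling SetDNSServerSearchOrder with an empty list would clear the
    # current DNS configuration, so the step is skipped instead.
    Write-Host -ForegroundColor Red "Nenhum servidor DNS informado em $FileCSV; configuracao de DNS nao alterada."
}
else {
    Write-Host; Write-Host "Alterando configuracoes de DNS em $Computer..." -NoNewline
    Try {
        Invoke-Command -ComputerName $Computer -Credential $CredCliente -ScriptBlock {
            $wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"
            # The WMI method reports failure through ReturnValue instead of
            # throwing: 0 and 1 (reboot required) mean success. Turn any other
            # code into an error so the Catch below reports it.
            foreach ($Resultado in @($wmi.SetDNSServerSearchOrder($using:DNS))) {
                if ($Resultado.ReturnValue -gt 1) {
                    throw "SetDNSServerSearchOrder retornou o codigo $($Resultado.ReturnValue)"
                }
            }
        }
    }
    Catch {
        Write-Host -ForegroundColor Red "Impossível alterar DNS de $Computer!"
        Write-Host -ForegroundColor Red "Mensagem de Erro: " $_.Exception.Message
        Write-Host -ForegroundColor Red "Item: " $_.Exception.ItemName
    }

    # Same change on the machine that runs this script.
    Write-Host; Write-Host "Alterando configuracoes de DNS no host..." -NoNewline
    Try {
        $wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"
        foreach ($Resultado in @($wmi.SetDNSServerSearchOrder($DNS))) {
            if ($Resultado.ReturnValue -gt 1) {
                throw "SetDNSServerSearchOrder retornou o codigo $($Resultado.ReturnValue)"
            }
        }
    }
    Catch {
        Write-Host -ForegroundColor Red "Impossível alterar DNS do host!"
        Write-Host -ForegroundColor Red "Mensagem de Erro: " $_.Exception.Message
        Write-Host -ForegroundColor Red "Item: " $_.Exception.ItemName
    }
}
Write-Host; Write-Host "Script finalizado."; Write-Host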