Welcome to Part 2 of my “Quickly Build a Multi-Server SharePoint 2013 Developer Environment” blog post series. The idea for this series of posts started while I was reading Vlad Catrinescu’s blog about building a single server environment. It’s a great blog post, but I wanted a multi-server installation, so I decided to write a series of posts describing how to accomplish this. If you want to build out a multi-server developer environment, the information in this series will help you get there.

In Part 1 I outlined the environment, showed you how to create and configure your VMs with PowerShell and walked you through installing Windows Server 2012. Click here to review that post. In this post I am going to show you how to configure your Domain Controller and Active Directory environment.


Special note: I like to give credit where it is due. Some of the ideas and code I use in this series come from Vlad’s blog series I linked to above.  And a huge thank you to Joanne Klein (@JoanneCKlein) for reviewing and editing the series for me.

Assumptions

I am going to make some assumptions here:

  • You already have your VMs created and configured as I listed in Part 1 of the series.
  • Note: When you created your VMs, you only added a private network switch. We will connect an external one later, but for now just the private.

Networking

As I stated above, we will only be using private and external switches. We could use an internal switch, but I have found that this causes problems with DNS routing. There may be an easier way around this, but I am not a networking expert and this is the solution I use. It does mean that during the initial setup you are limited to the Hyper-V remote desktop and can’t use other tools. The upside is you won’t run into slow network connections caused by the VM network interfering with your host network and vice versa. Once you’ve added external connections to the VM, these tools will become available to you.

Note: You won’t be able to connect to your host PC until you enable your external switch. I will indicate when you can do that, but the scripts I have created are set up so you don’t actually have an external connection until a bit later.

Prep Work

You don’t have to do this, but I just found it easier to organize my files for future deployments. On your local system create a folder to contain all the scripts, configs and executables you will need. Let’s call it DevVMScripts. Inside create 3 folders for the DC, SQL and one to share for your SP servers.

  • In the domain controller folder place the Service Account config folder (XML) and the service account ps1 file.
  • Mount the Server 2012 image in your choice of DVD Daemon tools. From that image copy the sxs folder from Root\sources into your SQL server’s folder (i.e. C:\VMPrep\SQLServer).
  • Download AutoSPInstaller and AutoSPSourceBuilder and store them in the SharePoint folder. Extract AutoSPInstaller and place a copy of the SP folder (with all contents) into the SharePoint folder (C:\VMPrep\SharePoint). Place AutoSPSourceBuilder in a folder of the same name within the SharePoint folder (SharePoint\AutoSPSourceBuilder).

Configure Domain Controller, Install Active Directory and DNS and build Service Accounts

So now we get to the good part – the scripts that do all the work for us. This first script will set the server’s name, configure its IP (static) and add Active Directory. Once it is complete it will reboot the server for you.

Before we can do any of this, we need to tell Windows to execute our scripts for us without complaining.

Set-ExecutionPolicy unrestricted

Next we are going to rename the server to one of our choice and then configure the network on the private switch. Quick note: I am renaming the network adapter so we can tell the difference between the private connection and the external connection we will add later.

#Rename server
$serverName = "srv-DrevDC"
Rename-Computer -NewName $serverName -force

#Configure the default network connection.
$netwkCard = Get-NetAdapter -Name Ethernet
$netwkCard | Set-NetIPInterface -Dhcp Disabled
$netwkCard | New-NetIPAddress -IPAddress 192.168.0.1 -PrefixLength 24
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses "192.168.0.1"

#Rename the network adapter
$netwkCard | Rename-NetAdapter -NewName "Internal Network";

#Enable Remote Desktop
(Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace root\cimv2\terminalservices).SetAllowTsConnections(1)
#0 = do not require Network Level Authentication (NLA) for RDP connections; 1 = require it
(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)

 

Our final step before we reboot the server is to install the AD feature. We will configure it once the server reboots.

#Install AD
Import-Module Servermanager
Add-WindowsFeature -Name "ad-domain-services" -IncludeAllSubFeature -IncludeManagementTools
Restart-Computer

Now that AD has been installed, we need to configure it. This will build out your forest and domain. Remember to change the name of your domain to one of your choosing or you’re going to be using the same one I have set up for my environment.

#Add the Active Directory snap-in
Import-Module ADDSDeployment 

#Configure the domain and install DNS
Install-ADDSForest -DatabasePath "C:\Windows\NTDS" -DomainMode "Win2012" -DomainName "DrevDev.local" -DomainNetbiosName "DREVDEV" -ForestMode "Win2012" -InstallDns -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -Force
Restart-Computer

Quick note: when you run the above command, you will still be prompted for a Safe Mode Administrator Password. Once it has completed the configuration, it is going to reboot the server.


Because this is the AD and DNS server for a multi-server environment, we need to add a reverse lookup zone in DNS for any servers coming online.

#Create Primary Reverse Lookup.
Add-DnsServerPrimaryZone -NetworkId "192.168.0/24" -DynamicUpdate Secure -ReplicationScope "Forest"


Now that our network is configured, shut down your VM and add the external switch.

 

Creating an external Switch

To add the external switch perform the following steps:

  • Click on Virtual Switch Manager in the Actions menu on the right-hand side of the Hyper-V Manager.
  • In the right-hand frame of the new window, select External and click on Create Virtual Switch.
  • Enter a name for the switch and select the network adapter you want it to use (if multiple are available).
  • Click Finish.
  • From there, update the settings of your VM:
    • Under Add new Hardware select Network Adapter
    • Select the newly created switch
    • Restart the VM

 

Create SharePoint and SQL Service Accounts

Copy over the files I indicated above in the preparation section.

Now we want to add the SharePoint and SQL system accounts for our install. Vlad’s tool creates the accounts based on three different levels. You can read more about these levels here. To change the setting in the command line, simply change the -Level setting to Low, Medium or High based on your needs. Note: when you launch the tool, it will prompt you for a password to be used for all the accounts. You can enter whatever you choose.

#create SP\SQL accounts
cd C:\SharePoint
.\sp2013serviceaccounts.ps1 -Level high -SPOU "SP Service Accounts" -SQLOU "SQL Service Accounts" -SQLLevel high -OptionalAccounts $true

Now that you have added the accounts and while we are still working on the DC, let’s set up the Domain Admins group with the admin accounts:

#Add SP\SQL Accounts to Domain Admin Group
$systemName = hostname;
Set-ADGroup -Add:@{'Member'="CN=Sp_Admin,OU=SP Service Accounts,DC=drevdev,DC=local", "CN=Sql_Admin,OU=SQL Service Accounts,DC=drevdev,DC=local"} -Identity:"CN=Domain Admins,CN=Users,DC=drevdev,DC=local" -Server:"$systemName.drevdev.local"


Finalize Your Scripts for Next Time

One of the things I suggest for your scripts is you split them up into separate .ps1 files so it is just a matter of executing them in order. When you have created your files, copy them to C:\SharePoint as all the scripts point there (I liked Vlad’s idea to have a central point and write all the scripts around it). Here’s what I did:

1_PrepareDC:

#Rename server
$serverName = "srv-DrevDC"
Rename-Computer -NewName $serverName -force

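#Configure the default network connection.
#Note: the walkthrough above uses 192.168.0.1; whichever address you use must fall inside the subnet of the reverse lookup zone created in script 3 (192.168.0/24).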
$netwkCard = Get-NetAdapter -Name Ethernet
$netwkCard | Set-NetIPInterface -Dhcp Disabled
$netwkCard | New-NetIPAddress -IPAddress 192.168.100.1 -PrefixLength 24
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses "192.168.100.1"

#Rename the network adapter
$netwkCard | Rename-NetAdapter -NewName "Internal Network";

#Enable Remote Desktop
(Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace root\cimv2\terminalservices).SetAllowTsConnections(1)
#0 = do not require Network Level Authentication (NLA) for RDP connections; 1 = require it
(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)

#Install AD
Import-Module Servermanager
Add-WindowsFeature -Name "ad-domain-services" -IncludeAllSubFeature -IncludeManagementTools
Restart-Computer

2_InstallAD_DNS:

#Add the Active Directory snap-in
Import-Module ADDSDeployment 

#Configure the domain and install DNS
Install-ADDSForest -DatabasePath "C:\Windows\NTDS" -DomainMode "Win2012" -DomainName "DrevDev.local" -DomainNetbiosName "DREVDEV" -ForestMode "Win2012" -InstallDns -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -Force
Restart-Computer

3_DNS_CreateAccts_AddAdmin:

#Create Primary Reverse Lookup.
Add-DnsServerPrimaryZone -NetworkId "192.168.0/24" -DynamicUpdate Secure -ReplicationScope "Forest"

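#Launch account creator in a new PowerShell window so we can have this all in one script
#Note: "start" returns immediately, so let the account creator finish before the Set-ADGroup step below runs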
cmd /c start powershell -NoExit -Command {C:\SharePoint\sp2013serviceaccounts.ps1 -Level high -SPOU "SP Service Accounts" -SQLOU "SQL Service Accounts" -SQLLevel high -OptionalAccounts $true}

#Add SP\SQL Accounts to Domain Admin Group
$systemName = hostname;
Set-ADGroup -Add:@{'Member'="CN=Sp_Admin,OU=SP Service Accounts,DC=drevdev,DC=local", "CN=Sql_Admin,OU=SQL Service Accounts,DC=drevdev,DC=local"} -Identity:"CN=Domain Admins,CN=Users,DC=drevdev,DC=local" -Server:"$systemName.drevdev.local"
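
The following verification script is an added example, not part of the original post or of Vlad’s tool. Run on the DC after script 3, it checks that the result matches what the scripts above intend. It assumes the domain, OU, adapter and zone values used on this page, and that the built-in Administrator is the only other Domain Admins member; the variable names are illustrative.

```powershell
# Added example: post-build checks for the DC (values taken from this page's scripts).
Import-Module ActiveDirectory, DnsServer

$domainDn    = "DC=drevdev,DC=local"
$reverseZone = "0.168.192.in-addr.arpa"   # reverse zone for 192.168.0/24
# Assumption: built-in Administrator plus the two accounts added by script 3.
$expectedAdmins = @(
    "CN=Administrator,CN=Users,$domainDn",
    "CN=Sp_Admin,OU=SP Service Accounts,$domainDn",
    "CN=Sql_Admin,OU=SQL Service Accounts,$domainDn"
)
$findings = @()

# 1. Domain Admins must contain exactly the expected accounts.
$members = @(Get-ADGroupMember -Identity "Domain Admins" -Recursive |
    Select-Object -ExpandProperty distinguishedName)
$findings += @($members | Where-Object { $_ -notin $expectedAdmins } |
    ForEach-Object { "Unexpected Domain Admin: $_" })
$findings += @($expectedAdmins | Where-Object { $_ -notin $members } |
    ForEach-Object { "Missing Domain Admin: $_" })

# 2. The reverse zone must exist and accept only secure dynamic updates.
$zone = Get-DnsServerZone -Name $reverseZone -ErrorAction SilentlyContinue
if (-not $zone) {
    $findings += "Reverse lookup zone $reverseZone not found"
} elseif ($zone.DynamicUpdate -ne "Secure") {
    $findings += "Zone $reverseZone dynamic update is '$($zone.DynamicUpdate)', expected Secure"
}

# 3. The renamed adapter must hold a static address inside the zone's subnet.
$addrs = @(Get-NetIPAddress -InterfaceAlias "Internal Network" -AddressFamily IPv4 -ErrorAction SilentlyContinue)
if ($addrs.Count -eq 0) { $findings += "No IPv4 address on 'Internal Network'" }
foreach ($a in $addrs) {
    if ($a.PrefixOrigin -ne "Manual") { $findings += "$($a.IPAddress) is not statically assigned" }
    if ($a.IPAddress -notlike "192.168.0.*") { $findings += "$($a.IPAddress) is outside 192.168.0/24" }
}

# 4. Report the RDP setting made by script 1 (0 = NLA not required).
$rdp = Get-WmiObject -Class Win32_TSGeneralSetting -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'"
if ($rdp.UserAuthenticationRequired -ne 1) { $findings += "RDP does not require Network Level Authentication" }

if ($findings.Count -eq 0) { "DC build matches the expected configuration." } else { $findings }
```

Re-running it after later changes to the environment shows whether Domain Admins has grown beyond the accounts this build put there.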

That’s it! You now have a fully functioning and ready to go domain controller for your environment. I bet it probably took you longer to read my post than to actually build out the environment.

Click here for the next post in this series: Installing and Configuring SQL Server 2012

 

Thanks for reading!