In the previous article, we described how to create a child domain using the Server Manager console. In this article, we will show you how to do the same thing using Windows PowerShell. PowerShell is a powerful tool that can be used to automate many tasks in Windows Server. It is also a great way to create child domains, as it can save you time and effort.
To install AD DS and create a forest, you can follow the instructions in the article “Install Active Directory On Windows Server 2022 Using PowerShell”.
Steps to Create a Child Domain Using PowerShell
The creation and configuration of a child domain is part of the post-installation process of Active Directory Domain Services (AD DS). This process also includes promoting the server to a domain controller. First, the AD DS role must be added to the server. Once the role is added, you can create and add a child domain to the parent domain.
Add AD DS Role Using Windows PowerShell
Follow the steps below to add the Active Directory Domain Services (AD DS) role.
- Open Windows PowerShell as administrator.
- If you are working with Windows Server Desktop Experience, right-click on Windows PowerShell in the Start Menu and select Run as Administrator.
- If you are working with Windows Server Core, run the
powershell
command in the command prompt to open PowerShell. Once PowerShell is open, use
Start-Process PowerShell -Verb runAs
to open it as administrator.
- Before installing the AD DS role, let’s first see if it is available. To do so, run
Get-WindowsFeature AD-Domain-Services
The output shows that the role is available and not yet installed.
- To install the AD DS role, run the
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
command. Wait a moment until the installation finishes; the cmdlet then displays the result.
The Active Directory Domain Services role is now added to our server. You can verify it using the
Get-WindowsFeature AD-Domain-Services
command. If it is properly installed, it will no longer be listed as available for installation. Now, in the second section, let’s go through the steps to create and configure a child domain using Windows PowerShell in Server 2022.
Create a Child Domain Using Windows PowerShell
Now that we have the AD DS role added, we can create and configure a Child Domain using PowerShell in the AD DS post-installation process. Below are the steps.
- Import the AD DS deployment module. To do so, run the
Import-Module ADDSDeployment
command.
- Provide the credentials (user name and password) of an administrator account used to accomplish this configuration. This is needed only if you are not logged in with administrative privileges. To do so, use the Get-Credential cmdlet and fill in the pop-up window with an administrator’s username and password.
- To create a Child Domain, use the Install-ADDSDomain cmdlet followed by the following mandatory arguments and their values.
- -DomainType followed by the “ChildDomain” value.
- -NewDomainName followed by the single-labeled (left-most part of a domain) child domain name which is “ca” in our example.
- -ParentDomainName followed by the Fully Qualified Domain Name (FQDN) of the parent which is “technig.lab” in our example.
Note: the above arguments are the mandatory arguments that we must specify when we create a Child Domain. For more optional parameters click HERE.
So, considering the cmdlet and the required arguments, our whole line of code becomes:
Install-ADDSDomain -DomainType ChildDomain -NewDomainName ca -ParentDomainName technig.lab
- Now, it prompts us to specify the safe mode administrator password. Enter the password and confirm it. Then, type Y and press Enter. Wait for a while until it finishes the child domain installation and configuration process. Once the process completes, it will restart the machine.
Once the machine restarts, the child domain is created on it. With this, the child domain configuration is complete.
Steps on how to create a child domain in Server 2022 using PowerShell:
- Open PowerShell as an administrator.
- Run the following command to import the ADDSDeployment module:
Import-Module ADDSDeployment
- Create variables to store the parent domain name and the child domain name. The child domain name is the single label only. For example:
$parentDomainName = "technig.com"
$childDomainName = "lab"  # single label; the new domain becomes lab.technig.com
- Run the following command to create the child domain:
Install-ADDSDomain -NewDomainName $childDomainName -ParentDomainName $parentDomainName
- Enter the SafeModeAdministratorPassword when prompted.
- The child domain will be created.
Here is an explanation of the command:
- Install-ADDSDomain is the PowerShell cmdlet that creates an Active Directory domain.
- -NewDomainName specifies the name of the child domain.
- -ParentDomainName specifies the name of the parent domain.
- -SafeModeAdministratorPassword specifies the password for the Directory Services Restore Mode (DSRM).
Here are some additional details that might be helpful for a beginner:
- The child domain name must be a single-label domain name.
- The child domain name must not already exist.
- The parent domain name must be a valid domain name.
- The SafeModeAdministratorPassword must be a strong password.
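The checks listed above can be run before promotion rather than discovered during it. The script below is an added example, not part of the original article: it reuses the article's sample names (ca, technig.lab), validates the child label, collects the DSRM password as a SecureString, and runs Test-ADDSDomainInstallation as a dry run before calling Install-ADDSDomain. The variable names and the label regex are assumptions made for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: pre-flight checks before creating a child domain.
# Sample values reuse the article's names; adjust for your environment.
$ChildLabel   = 'ca'           # single label only, not an FQDN
$ParentDomain = 'technig.lab'  # FQDN of the existing parent domain

# 1. The child name must be one DNS label: letters, digits, hyphens, no dots.
if ($ChildLabel -notmatch '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$') {
    throw "'$ChildLabel' is not a single-label domain name."
}

# 2. The AD DS role must already be installed on this server.
if (-not (Get-WindowsFeature AD-Domain-Services).Installed) {
    throw 'AD-Domain-Services is not installed. Run Install-WindowsFeature first.'
}
Import-Module ADDSDeployment

# 3. Collect secrets interactively so they never sit in the script file
#    or in command history. The DSRM password is a break-glass credential
#    for this domain controller and should be stored like one.
$ParentAdmin = Get-Credential -Message "Administrator account in $ParentDomain"
$Dsrm        = Read-Host -AsSecureString -Prompt 'DSRM (safe mode) password'
$DsrmConfirm = Read-Host -AsSecureString -Prompt 'Confirm DSRM password'
$ToPlain = { param($s) [System.Net.NetworkCredential]::new('', $s).Password }
if ((& $ToPlain $Dsrm) -cne (& $ToPlain $DsrmConfirm)) {
    throw 'DSRM passwords do not match.'
}

$Params = @{
    DomainType                    = 'ChildDomain'
    NewDomainName                 = $ChildLabel
    ParentDomainName              = $ParentDomain
    Credential                    = $ParentAdmin
    SafeModeAdministratorPassword = $Dsrm
}

# 4. Dry run: reports prerequisite problems (name already in use, parent
#    unreachable, weak password, ...) without changing the server.
$Failures = Test-ADDSDomainInstallation @Params | Where-Object Status -eq 'Error'
if ($Failures) {
    $Failures | ForEach-Object { Write-Warning $_.Message }
    throw 'Prerequisite check failed; the server was not promoted.'
}

# 5. Promote. Confirm with Y when asked; the server restarts when finished.
Install-ADDSDomain @Params
```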
Summary
In this article, we installed the Active Directory Domain Services (AD DS) role on a Windows Server 2022 server using PowerShell. We then created a child domain using PowerShell cmdlets. The steps involved in creating a child domain using PowerShell are as follows:
- Install the ADDSDeployment module.
- Create variables to store the parent domain name and the child domain name.
- Run the Install-ADDSDomain cmdlet to create the child domain.
- Enter the SafeModeAdministratorPassword when prompted.
I hope you found this article helpful. Please share your thoughts and queries in the comment section below.