Monday, August 18, 2008

Raising Active Directory Functional Levels with Powershell

It has been a while since I updated this blog but I have had a number of posts about using Powershell to automate Active Directory builds and this is a good a place as any.

So you have your first Domain Controller up and running after the post DCpromo reboot and you need to raise the functional level of the Domain and the forest to get the extra functionality that this give you.

The first job is to raise the domain functional level of this first domain, as the support for Active Directory built into Powershell is limited we use .Net framework:-

$Forest = [System.DirectoryServices.ActiveDirectory.Forest]::getcurrentforest()

Here we can retrieve the domains in the current forest:-

$domains=$forest.domains

Next we go through each existing domain in turn and check the functional level, if you have just built the first domain you should only have one domain, and it should initially be set to Windows 2000 mixed, in order to raise this using Powershell you need to raise it to Windows 2000 native, then up to Windows 2003 functional level:-

foreach ($domain in $domains) {if ($domain.DomainMode -ne "Windows2003Domain") { $domain.RaiseDomainFunctionality('Windows2000NativeDomain') $domain.RaiseDomainFunctionality('Windows2003Domain') }}

So the script in full is:-

$Forest = [System.DirectoryServices.ActiveDirectory.Forest]::getcurrentforest()
$domains=$forest.domains
foreach ($domain in $domains) {if ($domain.DomainMode -ne "Windows2003Domain") { $domain.RaiseDomainFunctionality('Windows2000NativeDomain') $domain.RaiseDomainFunctionality('Windows2003Domain') }}

This just raises the domain functional level, but to raise the forest functional level I tried putting it in the same script, and telling the script to sleep for some time before raising the forest functional level, in the end I just used a separate script that looks fairly similar:-

$forest = [System.DirectoryServices.ActiveDirectory.Forest]::getcurrentforest()
if ($forest.forestMode -ne "Windows2003Forest") {$forest.RaiseForestFunctionality("Windows2003Forest")}
Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)