I am currently setting up a new SCCM testenvironment in my home-lab – this will be one of (possibly) many quick-n-dirty how-to’s for setting up a functioning SCCM lab.
First things first – the lab wil consist of Server 2019 and Windows 10 servers and clients.
The SCCM version used is SCCM current-branch 1902.
All servers will be headless.
I have already installed a box-fresh Windows 2019 Standard server, without GUI. Continuing on from that, we will do the following:
- Configure network settings
- Configure Local date/time
- Configure the firewall to allow pingreplies
Using sconfig – name your server something. In this case, I am calling it sccm-ad1.
Next up, edit your network card settings – configure your adapter with a static IP address, and set DNS server to 127.0.0.1.
Return to the main menu, and configure your local Date and Time settings to your correct timezone.
Restart your server – and jump in to a powershell session.
I like my labcomputers replying to pingrequests, so to allow this – type in the following command (applies to IPV4):
New-NetFirewallRule -Displayname "Allow inbound ICMPv4" -direction Inbound -Protocol ICMPv4 -IcmpType 8 -remoteaddress <your subnet> -action allow
Restart your server.
Next up, we will install the AD Controller role.
Jump in to a Powershell session, and enter the following:
Get-WindowsFeature AD-Domain-Services | Install-WindowsFeature
let the installation finish, then enter the following:
Import-Module ADDSDeployment
Then, to install the new AD controller in our new forest, enter the following:
Install-ADDSForest
Continue by entering your domainname of choice, and a SafeMode password. After installation is finished, the server will restart and finish configuration.
Next I’ll create a new AD user in this domain, for administrating the environment. Do this by entering a Powershell session, and enter:
New-ADUser -name "Awesome" -Givenname "Awesome" -Surname "Sauce" -SamAccountName "Awesome" -UserPrincipalName "awesome@your.domain"
Test that you have successfully created the user by entering:
Get-AdUser Awesome
You will find the user is not active yet. Before enabling the user, set the password for that user.
Command to set password:
Set-ADAccountPassword 'CN=Awesome,CN=users,DC=sccmlab,DC=net' -Reset -NewPassword (ConvertTo-SecureString -AsPlainText “YourPassword” -Force)
Add the user to Domain Admins group
Add-AdGroupMember ‘Domain Admins’ Awesome
And there you have it – your very own Headless Windows Server 2019 AD Controller.
-F