To make a Windows 2008, Server Core a Domain Controller you need to run DCPromo and link it to an unattend.txt file. I am sure it is probably possible to accomplish this in one command line, but that would be a lot of switches to write!
One of the items in this unattend.txt file is the Safe Mode admin password. I thought this was a little dodgy as a large amount of folk will accidently leave that unattend.txt file on the computer and therefore accidently leave the password accessible in plain text. But it seems MS were thinking the same thing as I discovered when I copied contents to use on another server and realised the password was gone. DCPromo actually removes the password value in the text file as soon as it is run.
Here is a copy of my unattend.txt for my new Forest –
To create my first unattend.txt file I plagiarised someone else’s file from the internet. It originally has RebootOnSuccess as one of the switches. Windows 2008 very helpfully give me some advice “Warning: RebootOnSuccess is deprecated, although it is still supported. Consider using RebootOnCompletion instead.” I thought this was quite amusing suggesting the syntax I was using was deprecated.
Not so funny error
Now that I have one Domain Controller up and running, I went to my next Windows 2008, Server Core machine and tried to promote it to be a replica Domain Controller. Unfortunately I immediately received this error message “The wizard cannot access the list of domains in the forest. The error is:
Access is denied.”
After doing some research I became convinced it had to be DNS related. Back to the first Domain Controller and type NSLookup. Immediately got an error as it was trying to connect to ::1 first. Using similar syntax to my last post for adding DNS Servers, I removed this IPV6 reference: netsh int ipv6 delete dnsserver name=2 address=::1. Now when I run NSLookup it connects to its own DNS server as expected. DCPromo of the replica Domain Controller now completes successfully. Here is the unattend.txt I used;