我已经开发了一种功能,可以在现有林中提升域控制器,然后将DC从标准域控制器OU移到子OU。该功能有效,但是有时在运行该功能时,要升级的服务器将在运行该功能的大约10分钟内重新启动,而其他时候它会在重新启动之前等待大约85分钟。该功能接受CSV,以便按顺序提升多个DC。
问题是当功能在重新启动之前等待约85分钟时,它延迟了CSV中下一个DC的升级。所有域控制器都位于同一网络上的同一数据中心中。重新启动后,初始AD复制将继续进行-因此,它不必等待重新启动之前完成初始复制。
为了确保在我的客户的及时庄园中进行DC促销,我需要了解重新启动的过程。
我的问题是:什么决定了在DC促销期间服务器何时重新启动?
我的功能如下:
function New-PSATDomainController {
[CmdletBinding()]
param (
[Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)][string] $VMName,
[Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)][string] $Domain,
[Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)][string] $ADSite,
[Parameter(Mandatory = $true)][string] $SafeModeAdministratorPassword,
[Parameter(Mandatory = $true)][System.Management.Automation.PSCredential] $GuestCredential,
[Parameter(Mandatory = $true)][System.Management.Automation.PSCredential] $Credential
)
begin {
}
process {
# Set required variables
$FQDN = ("$vmname"+"."+"$Domain")
$DefaultDomainControllerOUPath = (Get-PSATDefaultDomainControllerOUPath -Domain "$Domain")
# Install AD Domain Services
Write-verbose "Installing the following windows features - AD-Domain-Services,RSAT-AD-AdminCenter,RSAT-ADDS-Tools" -Verbose
$InstallDomainServices = "Add-WindowsFeature AD-Domain-Services,RSAT-AD-AdminCenter,RSAT-ADDS-Tools -Restart"
Invoke-VMScript `
-VM "$VMName" `
-ScriptText $InstallDomainServices `
-GuestCredential $GuestCredential `
-Confirm:$false
start-sleep -Seconds 60
Wait-Tools -VM "$VMName" -TimeoutSeconds 300
Start-Sleep -Seconds 20
# Promote Virtual Machine to Domain Controller.
Write-Verbose "Promoting `"$VMName`" to be a Domain Controller of the `"$Domain`" Domain." -Verbose
$PromoteToDomainControllerScript = "
`$CredentialPassword = ConvertTo-SecureString -String '$($Credential.GetNetworkCredential().Password)' -AsPlainText -Force
`$Credential = New-Object System.Management.Automation.PSCredential (`"$($Credential.Username)`", `$CredentialPassword)
`$SafeModeAdministratorPassword = ConvertTo-SecureString -String '$SafeModeAdministratorPassword' -AsPlainText -Force
New-Item -Path e:\NTDS -ItemType directory
New-Item -Path e:\SYSVOL -ItemType directory
Import-Module ADDSDeployment
Install-ADDSDomainController ``
-NoGlobalCatalog:`$false ``
-CriticalReplicationOnly:`$false ``
-DatabasePath 'e:\NTDS' ``
-DnsDelegationCredential `$Credential ``
-DomainName $Domain ``
-InstallDns:`$true ``
-LogPath 'e:\NTDS' ``
-NoRebootOnCompletion:`$false ``
-SiteName $ADSite ``
-SysvolPath 'e:\SYSVOL' ``
-Force:`$true ``
-SafeModeAdministratorPassword `$SafeModeAdministratorPassword ``
-ADPrepCredential `$Credential ``
-Credential `$Credential"
Invoke-VMScript `
-ScriptText $PromoteToDomainControllerScript `
-VM "$VMName" `
-GuestCredential $GuestCredential `
-Confirm:$false `
-ScriptType:Powershell `
-ErrorAction SilentlyContinue
# Wait for the VM to finalise it's Domain Controller promotion and reboot
Write-Verbose "Waiting up to 60 minutes for `"$FQDN`" to finalise it's Domain Controller promotion and reboot" -Verbose
$StartDate = Get-Date
$DCServices = "adws","dns","kdc","netlogon"
do {
$DCServicesStatus = (invoke-command -ComputerName "$FQDN" -Credential $Credential -ScriptBlock {get-service -Name $Using:DCServices} -ErrorAction SilentlyContinue)
} while ($DCServicesStatus.status -ne "Running" -and $startDate.AddMinutes(120) -gt (Get-Date))
Write-Verbose "$VMName has rebooted" -Verbose
Wait-Tools -VM "$VMName"
Start-Sleep -Seconds 60
# Move New Domain Controller into Correct AD OU.
Write-verbose "Moving new Domain Controller `"$VMName`" into correct AD OU, `"$DefaultDomainControllerOUPath`"." -Verbose
Invoke-Command `
-ComputerName $Domain `
-ScriptBlock {get-adcomputer "$Using:VMName" | Move-ADObject -TargetPath "$Using:DefaultDomainControllerOUPath"} `
-Credential $Credential
Write-Verbose "Completed promoting `"$VMName`" to be a Domain Controller of the `"$Domain`" Domain." -Verbose
}
end {
}
}