From 6ec2eb61a02f9e55ef5b8d22a5ca61ca53ca05e7 Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Fri, 11 Jul 2025 21:55:20 +0300
Subject: added initial setup for domain controller

---
 ansible/scripts/setup-adcs.ps1 | 50 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 ansible/scripts/setup-adcs.ps1

(limited to 'ansible/scripts/setup-adcs.ps1')

diff --git a/ansible/scripts/setup-adcs.ps1 b/ansible/scripts/setup-adcs.ps1
new file mode 100644
index 0000000..134b9a9
--- /dev/null
+++ b/ansible/scripts/setup-adcs.ps1
@@ -0,0 +1,50 @@
+param
+(
+    [string]$DomainName = "contoso.com",
+    [string]$Username   = "Administrator",
+    [string]$Password   = "packer"
+)
+$scriptName = $MyInvocation.MyCommand.Name
+$logFile = "C:\Logs\${scriptName}_log.txt"
+Start-Transcript -Path $logFile -Append
+
+$p = ConvertTo-SecureString $Password -AsPlainText -Force
+$c = New-Object System.Management.Automation.PSCredential("$DomainName\$Username", $p)
+$CACommonName = "$($DomainName.Split(".")[0].ToUpper())-CA"
+
+try {
+    Install-WindowsFeature -Name AD-Certificate -IncludeAllSubFeature -IncludeManagementTools
+    Install-WindowsFeature -Name ADCS-Cert-Authority
+    Install-WindowsFeature -Name ADCS-Web-Enrollment
+    Install-WindowsFeature -Name RSAT
+
+    Write-Host "[INFO] Installed ADCS Windows Features"
+} catch {
+    Write-Host "[ERR] Failed to install ADCS Windows Features"
+}
+
+try {
+    Install-AdcsCertificationAuthority `
+        -Credential $c `
+        -CAType EnterpriseRootCA `
+        -CryptoProviderName "RSA#Microsoft Software Key Storage Provider" `
+        -KeyLength 2048 `
+        -HashAlgorithmName SHA256 `
+        -ValidityPeriod Years `
+        -ValidityPeriodUnits 5 `
+        -CACommonName $CACommonName `
+        -Force
+
+    Write-Host "[INFO] Installed ADCS Certification Authority"
+} catch {
+    Write-Host "[ERR] Failed to install ADCS Certification Authority"
+}
+
+try {
+    Install-AdcsWebEnrollment -Force
+
+    Write-Host "[INFO] Installed ADCS Web Enrollment"
+} catch {
+    Write-Host "[ERR] Failed to install ADCS Web Enrollment"
+}
+Stop-Transcript
\ No newline at end of file
-- 
cgit v1.2.3