SCCM 2012 R2 Installation Script (Part 1)

December 30, 2013 – 2:31 pm

Well, as promised here is the script to setup all the pre-reqs for SCCM 2012 R2.

To run this, you need to copy the files in the D: drive.

You need:

  • An SQL configuration file (SQL2012-ConfigurationFile.ini)
  • An SQL script to set the memory sizes (SetSQLMemory.sql)
  • A VBS script to enable the Windows Update feature (EnableMicrosoftUpdate.vbs)
  • WUInstall (from this link: http://www.wuinstall.com/index.php/en)
  • This script (Install-SCCM2012R2.ps1)
##############################################################################
#
# Script       : SCCM Server Complete Build
# Author       : Marc Bouchard
# Revision     : 12/27/2013
# Description  : Complete installation after base OS deployment
# Parameters   : None
#
##############################################################################

#=============================================================================
# Active Directory integration

Function CheckDomainMembership
{
   write-host -fore green "Checking if server is member of a domain..."
   $ADMember=$false
   do
   {
      if ((gwmi win32_computersystem).partofdomain -eq $false) 
      {
         write-host -fore green "Joining Domain"
         $domain = Read-Host -Prompt "Enter Domain name to join"
         $user = Read-Host -Prompt "Enter User account with DomainJoin permissions [Administrator]"
         if ($user -eq "") {$user="Administrator"}
         $password = Read-Host -Prompt "Enter password for $user" -AsSecureString 
         $username = "$domain\$user" 
         $credential = New-Object System.Management.Automation.PSCredential($username,$password) 
         Add-Computer -DomainName $domain -Credential $credential

$msgtxt = @"
The server must now restart to join the domain.
`
Please log back in with a domain account that has 
ADMINISTRATIVE RIGHTS in order to update the schema.
`
Simply relaunch this script to continue after reboot.
"@

               $Message = new-object -comobject wscript.shell 
               $intAnswer = $Message.popup($msgtxt, 0,"Confirmation",0) 
               Restart-Computer         
      } 
      else
      {
         $ADMember=$true
         write-host -fore green "Server is joined to domain..."
      }
   }
   until ($ADMember -eq $true)
}

#=============================================================================
Function InstallSQLServer
{
   #==============================================
   # Install SQL Server binaries                  
   #==============================================
   do 
   {
      Write-Host "Insert SQL Server 2012 DVD and press any key to continue ..." -ForegroundColor White
      $x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
   }
   until (Test-Path -path "R:\setup.exe")

   if (!(Test-Path -path "D:\Scripts\SQL2012-ConfigurationFile.ini"))
   {
      Write-Host "SQL Configuration file missing. Aborting..." -ForegroundColor White
      Break
   }
   Write-Host "Installing SQL Server 2012" -ForegroundColor Green
   CMD /C R:\SETUP /ConfigurationFile=D:\Scripts\SQL2012-ConfigurationFile.ini | Out-Null

   #==============================================
   # Configure Memory Limits
   #==============================================

   CMD /C "D:\Program Files\Microsoft SQL Server\110\Tools\Binn\OSQL.EXE" -E -i D:\Scripts\SetSQLMemory.sql | Out-Null

   #==============================================
   # CONFIGURE SQL INTEGRATED AUTHENTICATION MODE 
   #==============================================

   Write-Host "Set SQL Authentication Mode" -ForegroundColor Green

   # Connect to the instance using SMO
   [System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.SMO') | out-null
   $s = new-object ('Microsoft.SqlServer.Management.Smo.Server') $env:COMPUTERNAME

   # Get current Authentication Mode
   [string]$nm = $s.Name
   [string]$mode = $s.Settings.LoginMode

   If ($mode -ne "Integrated")
   {
      #Change to Integrated Mode
      $s.Settings.LoginMode = [Microsoft.SqlServer.Management.SMO.ServerLoginMode]::Integrated

      # Make the changes
      $s.Alter()

      NET STOP SQLSERVERAGENT
      NET STOP MSSQLSERVER
      NET START MSSQLSERVER
      NET START SQLSERVERAGENT
   }

   #==============================================
   # Install Latest updates
   #==============================================
   Write-Host "Install latest updates for SQL and OS" -ForegroundColor Green
   CMD /C cscript D:\Scripts\EnableMicrosoftUpdate.vbs /nologo

   #!!! Loop WUinstall until no more updates (errorlevel 2)
   D:\Scripts\WUInstallAMD64.exe /install

}

#=============================================================================
# Main Program
#=============================================================================

CLS
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Force

#==============================================
# Set Automatic Windows Update
#==============================================
Write-Host "Enabling Automatic Windows Updates" -ForegroundColor Green
CMD /C cscript %windir%\system32\scregedit.wsf /AU 4

#==============================================
# Execute Custom Functions
#==============================================

CheckDomainMembership
InstallSQLServer

#==============================================
# Install required features 
#==============================================

Write-Host "Installing Features" -ForegroundColor Green

Install-WindowsFeature RSAT | Out-Null
Install-WindowsFeature Web-Windows-Auth | Out-Null
Install-WindowsFeature Web-ISAPI-Ext | Out-Null
Install-WindowsFeature Web-Metabase | Out-Null
Install-WindowsFeature Web-WMI | Out-Null
Install-WindowsFeature BITS | Out-Null
Install-WindowsFeature RDC | Out-Null
Install-WindowsFeature NET-Framework-Features | Out-Null
Install-WindowsFeature Web-Asp-Net | Out-Null
Install-WindowsFeature Web-Asp-Net45 | Out-Null
Install-WindowsFeature NET-HTTP-Activation | Out-Null
Install-WindowsFeature NET-Non-HTTP-Activ | Out-Null

#==============================================

Import-Module ActiveDirectory
Get-Module ServerManager | Out-Null

#==============================================
# Fix Firewall Rules
#==============================================

Write-Host "Modify Firewall Rules" -ForegroundColor Green
CMD /C netsh advfirewall firewall add rule name="SQL / SQL Replication" dir=in protocol=tcp localport="1433,4022"  action=Allow

#==============================================
# Install WSUS
#==============================================

Write-Host "Installing WSUS" -ForegroundColor Green
Install-WindowsFeature -Name UpdateServices-Services,UpdateServices-DB -IncludeManagementTools | Out-Null
CMD /C "C:\Program Files\update services\tools\wsusutil.exe" postinstall CONTENT_DIR=E:\Sources\WSUS\WSUS SQL_INSTANCE_NAME=$env:COMPUTERNAME

#==============================================
# Install ADK
#==============================================
Write-Host "Installing ADK" -ForegroundColor Green
$dwnld = "D:\Scripts\Downloads"
if (!(Test-Path -path $dwnld))
 {
 New-Item $dwnld -type directory | Out-Null
 }
$object = New-Object Net.WebClient
$ADKurl = 'http://download.microsoft.com/download/6/A/E/6AEA92B0-A412-4622-983E-5B305D2EBE56/adk/adksetup.exe'
$object.DownloadFile($ADKurl, "$dwnld\adksetup.exe")
Start-Process -FilePath "$dwnld\adksetup.exe" -Wait -ArgumentList "/quiet /features OptionId.DeploymentTools OptionId.WindowsPreinstallationEnvironment OptionId.UserStateMigrationTool" | Out-Null

#==============================================
# Create Container
#==============================================

   Write-Host "Create OU container" -ForegroundColor Green

   $root = (Get-ADRootDSE).defaultNamingContext

   # Check if System Management OU already exists
   $ou = $null

   try
   {
      $ou = Get-ADObject "CN=System Management,CN=System,$root"
   }
   catch
   {
      Write-Host "System Management container does not currently exist."
   }

   if ($ou -eq $null)
   {
      $ou = New-ADObject -Type Container -name "System Management" -Path "CN=System,$root" -Passthru
   }

   # Get the current ACL for the OU
   $acl = get-acl "ad:CN=System Management,CN=System,$root"

   # Get the SCCM Server's SID (the LOCAL machine)
   $computer = get-adcomputer $env:ComputerName
   $sid = [System.Security.Principal.SecurityIdentifier] $computer.SID

   # Create a new access control entry to allow access to the OU
   $adRights = [System.DirectoryServices.ActiveDirectoryRights] "GenericAll"
   $type = [System.Security.AccessControl.AccessControlType] "Allow"
   $inheritanceType = [System.DirectoryServices.ActiveDirectorySecurityInheritance] "All"
   $ace = New-Object System.DirectoryServices.ActiveDirectoryAccessRule $sid,$adRights,$type,$inheritanceType

   # Add the ACE to the ACL, then set the ACL to save the changes
   $acl.AddAccessRule($ace)
   Set-acl -aclobject $acl "ad:CN=System Management,CN=System,$root"

#==============================================
# Extend Schema
# Note: Requires SCCM ISO mounted
#==============================================
   do 
   {
      Write-Host "Insert SCCM 2012 DVD and press any key to continue ..." -ForegroundColor White
      $x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
   }
   until (Test-Path -path "R:\SMSSetup\BIN\x64\ExtADSch.exe")

   Write-Host "Extending Schema" -ForegroundColor Green
   CMD /C R:\SMSSetup\Bin\x64\ExtADSCh.exe

##############################################################################
# INSTALLATION COMPLETED
##############################################################################

Write-Host "DONE!" -ForegroundColor Green

Post a Comment