dc_prep
Running the Script
- Configure the configfile dc_prep.conf as needed
customer_name: Customer name which is used as the first OU in the Active Directory
datev,adconnect,FSLogix: set y or n. With y the specified funktion is being run. With n it is being skipped
sharedrive: specifies the physical drive on which the Files for Datev and FSLogix are being saved and shared. Syntax is DriveLetter:
- Open Powershell on domaincontroller as domain-administrator
- Set-Executionpolicy 0
- navigate to the scriptfolder and run dc_prep.ps1
- Check for errors
Parameter
debug
There is a parameter "-debug". This parameter shows alot more information when running the script.
Features
Default
- activates the ActiveDirectory RecycleBin
- creates a folder "_FREIGABEN" in the specified Path for "sharedrive"
- creates multiple OUs for better structure: customer_name -> Benutzer, Gruppen, Computer -> Terminalserver
- If Microplan Datacenter is being found, the needed enviroment variable is being set
- the centralstore ist being activated and configured
- The following Grouppolicies are being created: Netzlaufwerke (empty, linked to domain), EdgeDisableFirstRun (deactivates Edge first run Setuo, linked to domain),
- default computer and user OU is being changed to newly created one
- sets the actve powerscheme to high performance
if datev: y
- If DATEVUSER Group already exists it it being moved to newly created OU "Gruppen". If it does not exists it is being created
- $sharedrive_FREIGABEN\WINDVSW1 and Subfolder CONFIGD is being created
- NTFS-Rights and Share-Rights are being set for WINDVSW1 with DATEV specifications
- WINDVSW1 is being shared
if adconnect: y
- The Group M365-AD-Connect is bein created under OU "Gruppen"
- AzureADConnect.exe is being created
if FSLogix: y or a path is defined like D:\FSLogix_Container
- $sharedrive_FREIGABEN\FSLogix_Container is being created
- NTFS-Rights und Share-Rights are being set for FSLogix_Container with Microsoft specifications
- The folder FSLogix_Container is being shared
- The AD is being searched for all Terminalservers and istalls FSLogix on every one of them and adds domain-admins group to local FSLogix-Exclude Group after user confirms the found ones
- moves all found Terminalservers to newly created OU "Terminalserver"
- adds FSLogix.adml and admx to the centralstore
- Creates and preconfigures the FSLogix GPO and links them to Terminalserver OU
- Configures a setting to exclude Teams cache from Users VHDX to prevent bloating the VHDX
→ FSLogix is fully configured after this and can be used immidiently
if UserList: y
- AD-Users are being created as provided in the csv-List
- The AD-Suffix from the emailaddress is being created if it does not already exist
-