Microsoft released a KnowledgeBase article titled “ADDSDeployment module with the -Whatif argument shows incorrect DNS results”.
This KnowledgeBase article describes unexpected behavior in the PowerShell Cmdlets within the ADDSDeployment PowerShell module when you use the -WhatIf argument without specifying the -installdns argument.
When you use one of the PowerShell Cmdlets from the Windows PowerShell ADDSDeployment module (notably Install-AddsForest, Install-AddsDomain or Install-AddsDomainController) with the -WhatIf argument, the output shows incorrect results for the Domain Name System (DNS) server.
For example, when you use the following PowerShell line:
Install-ADDSForest -WhatIf -DomainName corp.domain.tld
SafeModeAdministratorPassword: Secr3ts4All
The output would look like:
What if: Create a new Active Directory forest with the name 'corp.domain.tld'.
Configure this server as the first Active Directory domain controller in a new forest.
The new domain name is "corp.domain.tld". This is also the name of the new forest.
The NetBIOS name of the domain: Automatically calculated
Forest Functional Level: Default
Domain Functional Level: Automatically calculated
Additional Options:
  Global catalog: Yes
  DNS Server: No
Database folder: C:\Windows\NTDS
Log file folder: C:\Windows\NTDS
SYSVOL folder: C:\Windows\SYSVOL
The password of the new domain Administrator will be the same as the password of the local Administrator of this computer.
Notice in this output that the entry for DNS Server is No. Despite this output, the DNS server is installed and configured as expected when the forest is created.
What really happens
The promotion process calculates a DNS server installation automatically if you do not specify the -installdns:$true or -installdns:$false arguments. However, the -whatif output is not displayed correctly when you don’t specify the -installdns argument. The output is correct only when the -installdns argument is explicitly specified.
Regardless of what the output shows when the -installdns argument is not specified, the following holds for DNS server installation:
- For a new forest, the DNS server is always configured.
- For a new domain or for an additional domain controller in an existing domain, the DNS server is configured if the domain or parent domain Start of Authority (SOA) records are hosted in an existing Active Directory Domain Services (AD DS) zone.
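The following is an added example, not code from the KnowledgeBase article or from Microsoft. It approximates the rule above for an additional domain controller by checking whether the domain's SOA record is served from an AD DS-integrated zone, then passes -InstallDns explicitly so that the -WhatIf output matches what will be installed. The function name Test-SoaInAdIntegratedZone and the variable names are hypothetical, and the check assumes the DnsServer module is available and that you have rights to query the primary DNS server.

```powershell
# Added example: the helper and variable names are assumptions, not part of the KB article.
Import-Module ADDSDeployment

function Test-SoaInAdIntegratedZone {
    # Approximates the rule described above: returns $true when the SOA record
    # for $DomainName is hosted in an AD DS-integrated DNS zone.
    param(
        [Parameter(Mandatory)]
        [string]$DomainName
    )

    # The SOA may come back in the Answer or the Authority section; take the first one.
    $soa = Resolve-DnsName -Name $DomainName -Type SOA -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SOA' } |
        Select-Object -First 1
    if (-not $soa) {
        return $false   # no SOA found: no existing zone to integrate with
    }

    # Ask the primary server whether the zone is stored in AD DS.
    # Needs the DnsServer module (RSAT) and permission to query that server.
    $zone = Get-DnsServerZone -ComputerName $soa.PrimaryServer -Name $soa.Name `
        -ErrorAction SilentlyContinue
    return [bool]($zone -and $zone.IsDsIntegrated)
}

$domain     = 'corp.domain.tld'   # domain name from the article's example
$installDns = Test-SoaInAdIntegratedZone -DomainName $domain

# Prompt for the DSRM password as a SecureString instead of typing it in clear text.
$safeModePwd = Read-Host -Prompt 'SafeModeAdministratorPassword' -AsSecureString

# With -InstallDns stated explicitly, the "DNS Server:" line in the preview is reliable.
Install-ADDSDomainController -DomainName $domain `
    -InstallDns:$installDns `
    -SafeModeAdministratorPassword $safeModePwd `
    -WhatIf
```

For a new forest the check is unnecessary, since the DNS server is always configured; pass -InstallDns:$true to Install-ADDSForest to get an accurate preview.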