From 299c3f48d83369c248d55dc36d6973f48be6d6ff Mon Sep 17 00:00:00 2001 From: djpbessems Date: Thu, 28 Jan 2021 16:17:08 +0100 Subject: [PATCH] Update documentation --- README.md | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 55 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7c28377..041a8c4 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,58 @@ # Packer.Images [![Build Status](https://ci.spamasaurus.com/api/badges/djpbessems/Packer.Images/status.svg?ref=refs/heads/ADDS)](https://ci.spamasaurus.com/djpbessems/Packer.Images) This OVA appliance allows deploying an Active Directory Domain Controller fully automated: -When deploying the appliance through the 'Deploy OVF template...' wizard, or through vApp-compatible tooling (such as HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties. -![vApp properties](.assets/vAppProperties-example.png?raw=true "vApp properties") \ No newline at end of file + +When **provisioning** the appliance through the vCenter 'Deploy OVF template...' wizard, or through vApp-compatible *Infrastructure as code* tooling (e.g. HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties. + + + + + + + + + +
vSphere 'Deploy OVF template...' wizard HashiCorp Terraform vSphere provider
vApp properties
+
+```hcl
+ vapp {
+ properties = {
+ "guestinfo.hostname" = "DC01"
+ "guestinfo.ipaddress" = "10.0.0.21"
+ "guestinfo.prefixlength" = "24"
+ "guestinfo.dnsserver" = "0.0.0.0"
+ "guestinfo.gateway" = "10.0.0.1"
+
+ "addsconfig.domainname" = "contoso.com"
+ "addsconfig.netbiosname" = "CONTOSO"
+ "addsconfig.administratorpw" = "{{user `adds_administratorpw`}}"
+ "addsconfig.safemodepw" = "{{user `adds_safemodepw`}}"
+ "addsconfig.ntpserver" = "0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org"
+
+ "dhcpconfig.startip" = "10.0.0.50"
+ "dhcpconfig.endip" = "10.0.0.250"
+ "dhcpconfig.subnetmask" = "255.255.255.0"
+ "dhcpconfig.gateway" = "10.0.0.1"
+ "dhcpconfig.leaseduration" = "01:00:00.00"
+ }
+ }
+```
+
+
+
+On first boot, the appliance will start **configuring** itself without any further user-input, by performing the following steps:
+- Change hostname
+- Configure network
+- Set password for local administrator
+- Promote to Domain Controller
+- Iterate through all payload scripts:
+ - Create Active Directory Organizational Units
+ - Create Active Directory security groups
+ - Create Active Directory user accounts
+ - Set up Delegation of Control
+ - Configure Active Directory Group Policy Objects with Windows Firewall settings
+ - Configure DHCP (scopes, options and Failover relationship)
+ - Create DNS records
+ - Define Active Directory Group Policy WMI Filters
+ - Define and link Active Directory Group Policy Objects and Preferences
+ - Set Active Directory Default domain Password policy
\ No newline at end of file