Quick & Nasty way to join a computer to domain

  • As in title.

    My machines are on DHCP and receive IP & Hostname from the DHCP server. So far everything is working perfectly, I’ve got my image built and deploying just fine. Now I have just one question. I didn’t sysprep my image (Win 10), I just set it up as a VM, joined it to domain, installed all the software I needed, unjoined from domain and shut down.

    So far I’ve deployed 20 images and everything is working great - I just kick it off from the FOG web ui, then reboot the machine in question and boot off LAN and off I go. The image gets deployed, I log in as local administrator, join the machine to domain - from there on out I can access it remotely.

    How do I automate this last step? There is a guide on how to do it but it involves installing the fog agent etc - is there a quick nasty way to just throw a powershell in the startup of a local user to join the system to AD? (I am OK with storing passwords in plaintext - machine images only get deployed once every year or so, I can activate the AD account for a day and then disable it later).

  • Thanks @george1421 , the reason I wasn’t using sysprep oobe generalize was because it was causing my system to lock up at “Please Wait”. I found that un-joining and re-joining it to the domain “generalizes” the system enough so that everything works for us.

    Anyway - I re-built the image and integrated the FOG Client (agent) into it. Now it appears the domain joining is working. Bad news is I’ll need to do another round of manual deployment, but that is the last time - after that I will have a full hands off deployment system.

    Thanks for your help so far!

  • Moderator

    Since you are not deploying the systems according to MS’s recommendation you are cut off from a number of tools that would allow this to happen automatically (without the use of the fog client). The first supported way is via an unattend.xml file to have the computer automatically connect to AD. The other option is to add the code into the setupcomplete.cmd batch file (which is executed before the first login prompt).

    The only way I can think of so far is to place a vbscript on the administrator's desktop to have them click on it when they first log in. You could do it with PowerShell but you need to mess with PS security permissions; it's easier to do it with a VBS. Such as in this: https://www.sole.dk/vbscript-to-join-computers-to-domain-with-specific-user-and-avoid-having-to-manually-place-them-in-ad/
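
The PowerShell route discussed in this thread, as an added example that is not code from any poster or from the FOG project: a one-shot join script that removes the stored password and itself after it runs. The domain, account, OU and file paths are placeholders, and it assumes the script is started at the local administrator's first logon with `powershell.exe -ExecutionPolicy Bypass -File C:\Deploy\Join-Domain.ps1`, which applies to that one process only and leaves the machine's execution policy unchanged.

```powershell
# Added example: one-shot domain join for a freshly imaged machine.
# Every value in this block is a placeholder (assumption), not taken from the thread.
$Domain   = 'corp.example.com'                            # placeholder AD domain
$JoinUser = 'CORP\svc-domainjoin'                         # placeholder account, delegated only to join computers
$OUPath   = 'OU=Workstations,DC=corp,DC=example,DC=com'   # placeholder target OU
$PassFile = 'C:\Deploy\join.txt'                          # placeholder path of the plaintext password in the image
$LogFile  = 'C:\Windows\Temp\domain-join.log'             # placeholder log path

function Write-Log([string]$Message) {
    "$(Get-Date -Format s) $Message" | Add-Content -Path $LogFile
}

# Remove the plaintext password and this script so neither stays on the deployed machine.
function Remove-JoinArtifacts {
    Remove-Item -Path $PassFile -Force -ErrorAction SilentlyContinue
    if ($PSCommandPath) {
        Remove-Item -Path $PSCommandPath -Force -ErrorAction SilentlyContinue
    }
}

# Do nothing on a machine that is already a domain member (for example on a re-run).
if ((Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain) {
    Write-Log 'Already domain joined; nothing to do.'
    Remove-JoinArtifacts
    return
}

$joined = $false
try {
    $plain  = (Get-Content -Path $PassFile -Raw -ErrorAction Stop).Trim()
    $secure = ConvertTo-SecureString -String $plain -AsPlainText -Force
    $cred   = New-Object System.Management.Automation.PSCredential ($JoinUser, $secure)

    Add-Computer -DomainName $Domain -Credential $cred -OUPath $OUPath -ErrorAction Stop
    Write-Log "Joined $env:COMPUTERNAME to $Domain."
    $joined = $true
}
catch {
    Write-Log "Join failed: $($_.Exception.Message)"
}
finally {
    # One-shot by design: the secret is removed whether or not the join succeeded.
    Remove-JoinArtifacts
}

if ($joined) { Restart-Computer -Force }
```

A failed join leaves only the log entry behind, so that machine is joined by hand as before.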