AD Join Issue Using Script and Answer File
-
Server
- FOG Version: 1.3.0-RC-8
- OS: CentOS (don’t remember what version)
Client
- Service Version: v0.11.5
- OS: Windows 10
Description
So I am using the following script post download for builds for one of my clients:
#!/bin/bash hostadpwd="ADPASSHERE"; #only downside to this method- this is the plain ad password unattend="/ntfs/Windows/Panther/unattend.xml"; [[ ! -f $unattend ]] && return dots "Preparing Sysprep File" rm -f /ntfs/Windows/System32/sysprep/unattend.xml >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo "Failed" debugPause handleError "Failed to remove original unattend file" fi echo "Done" debugPause dots "Writing Computer Name" sed -i "/ComputerName/s/*/$hostname/g" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo "Failed" debugPause handleError "Failed to update originating unattend file" fi echo "Done" echo "ComputerName set to $hostname" debugPause [[ -z $addomain ]] && return dots "Set PC to join the domain" sed -i "/<JoinWorkgroup>/d" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo "Failed" debugPause handleError "Failed to remove the Workgroup setter" fi sed -i \ -e "s|<Password></Password>|<Password>${hostadpwd}</Password>|g" \ -e "s|<Username></Username>|<Username>${addomain}\\\\${aduser}</Username>|g" \ -e "s|<MachineObjectOU></MachineObjectOU>|<MachineObjectOU>${adou}</MachineObjectOU>|g" \ -e "s|<JoinDomain></JoinDomain>|<JoinDomain>${addomain}</JoinDomain>|g" $unattend >/dev/null 2>&1 if [[ ! $? -eq 0 ]]; then echo "Failed" debugPause handleError "Failed to update user, pass, ou, and domain setter" fi echo "Done" debugPauseSo one question with this: where I have the AD password listed, would that have to be the domain Administrator account’s password or the password for any account that has admin rights (e.g. the main support account that I use).
I also remember reading as follows from one of the tutorials that my Answer file (unattend.xml) needed to include the following:
<JoinWorkgroup>Workgroup</JoinWorkgroup> <Credentials> <Password></Password> <Username></Username> </Credentials> <JoinDomain></JoinDomain> <MachineObjectOU></MachineObjectOU>Silly question, but under what section in the Answer File would I need to put that?
Thanks!
-
@Raj-G under <settings pass=“specialize”>
<component name=“Microsoft-Windows-UnattendedJoin” processorArchitecture=“amd64” publicKeyToken=“31bf3856ad364e35” language=“neutral” versionScope=“nonSxS” xmlns:wcm=“http://schemas.microsoft.com/WMIConfig/2002/State” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”>
<Identification>
<JoinWorkgroup>Workgroup</JoinWorkgroup>
<Credentials>
<Password></Password>
<Username></Username>
</Credentials>
<JoinDomain></JoinDomain>
<MachineObjectOU></MachineObjectOU>
</Identification>
</component>the above is for 64-bit… if you’re ever unsure use WAIK to generate your unattend file for you if you don’t feel comfortable doing it manually