none
Joining domain during task sequences (Script) RRS feed

  • Question

  • I was not having too much success with the "Recover from Domain" process that comes built into MDT so I optimized and have been having great results! I thought I would post it in order to help the community.

    It is called "Custom-ZTIDomainJoin.vbs"

    You need to remove Domain entries from the Unattend.xml files associated with your task sequences. Otherwise the devices being deployed will still be joined to the domain too early (During Sysprep Post Image Phase)

    'Define Target Computer
    strComputer = "."
    
    'Set object values
    Set oArguments = WScript.Arguments.Named
    Set oShell = CreateObject("WScript.Shell")
    Set oWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\CIMV2")
    
    'Define ASCII Characters
    chrSpace = Chr(32)
    chrSingleQuote = Chr(39)
    chrDoubleQuote = Chr(34)
    
    'Show Script Usage
    If (oArguments.Exists("?")) And (WScript.Arguments.Count = "1") Then
    	WScript.Echo(WScript.ScriptName & chrSpace & "Usage:" & _
    	vbCrLf & vbCrLf & _
    	"Script Interpreter: [cscript.exe] or [wscript.exe]" & _
    	vbCrLf & vbCrLf & _
    	"Script Location:" & chrSpace & chrDoubleQuote & Replace(oShell.CurrentDirectory & "\" & WScript.ScriptName, "\\", "\") & chrDoubleQuote & _
    	vbCrLf & vbCrLf & _
    	"Optional Arguments:" & _
    	vbCrLf & vbCrLf & _
    	"[/JoinDomain]" & chrSpace & "And" & chrSpace & "[/Domain:" & chrDoubleQuote & "MyDomain.com" & chrDoubleQuote & "]" & _
    	vbCrLf & vbCrLf & _
    	"[/JoinWorkgroup]" & chrSpace & "And" & chrSpace & "[/WorkGroup:" & chrDoubleQuote & "MyWorkGroup" & chrDoubleQuote & "]" & _
    	vbCrLf & vbCrLf & _
    	"[/Rename]" & chrSpace & "And" & chrSpace & "[/Name:" & chrDoubleQuote & "MyDeviceName" & chrDoubleQuote & "]" & _
    	vbCrLf & vbCrLf & _	
    	"[/SvcAcctDmn:" & chrDoubleQuote & "MyDomain" & chrDoubleQuote & "]" & _
    	vbCrLf & vbCrLf & _
    	"[/SvcAcct:" & chrDoubleQuote & "MyDomain\MySvcAcct" & chrDoubleQuote & "]" & _
    	vbCrLf & vbCrLf & _
    	"[/SvcAcctPw:" & chrDoubleQuote & "MySvcAcctPw" & chrDoubleQuote & "]" & _
    	vbCrLf & vbCrLf & _
    	"[/UnjoinDomain]" & _
    	vbCrLf & vbCrLf & _
    	"[/Restart]")
    	WScript.Quit
    End If
    
    'Define Required Arguments
    argDomain = Trim(UCase(oArguments.Item("Domain")))
    argWorkGroup = Trim(UCase(oArguments.Item("Workgroup")))
    argSvcAcct = Trim(UCase(oArguments.Item("SvcAcct")))
    argSvcAcctDmn = Trim(UCase(oArguments.Item("SvcAcctDmn")))
    argSvcAcctPw = oArguments.Item("SvcAcctPw")
    
    'Define Optional Arguments
    If (oArguments.Exists("Name")) Then
    	argName = Left(oArguments.Item("Name"), 15)
    	argName = Trim(UCase(argName))
    End If
    
    'Define Variables
    'Amount of seconds to wait "Change the first number only as WScript.Sleep method expects the value in milliseconds."
    intSeconds = Int(15 * 1000)
    
    'Gather Information From WMI
    
    'Query #1 - Win32_BIOS
    Set oBIOS = oWMI.ExecQuery("Select * From Win32_BIOS")
    	If (oBIOS.Count > 0) Then	
    		For Each oItem In oBIOS	
    			If Not IsNull(oItem.SerialNumber) Then
    				strSerialNumber = Left(oItem.SerialNumber, 15)
    				strSerialNumber = Trim(UCase(strSerialNumber))
    			End If		
    		Next	
    	End If
    
    'Query #2 - Win32_OperatingSystem
    Function RestartDevice			
    	Set oWMI = GetObject("winmgmts:{(Shutdown)}//" & strComputer & "/root/cimv2")		
    	Set oOperatingSystem = oWMI.ExecQuery("Select * From Win32_OperatingSystem")	
    		If (oOperatingSystem.Count > 0) Then
    			For Each oItem In oOperatingSystem
    				If (oItem.Primary = True) Then
    					RestartDevice = oItem.Reboot()
    				End If
    			Next
    		End If			
    End Function
    
    'Query #3 - Win32_ComputerSystem
    Set oComputerSystem = oWMI.ExecQuery("Select * From Win32_ComputerSystem")		
    	
    	'Process the collection only if the query has results
    	If (oComputerSystem.Count > 0) Then
    		
    		'Begin a for loop on the collection
    		For Each oItem In oComputerSystem
    			
    			'Determine the value of the "DNSHostName" property
    			If Not IsNull(oItem.DNSHostName) And Not IsNull(oItem.Domain) Then
    				strDNSHostName = Trim(UCase(oItem.DNSHostName & "." & oItem.Domain))
    			End If
    		
    			'Determine the value of the "Domain" property
    			If Not IsNull(oItem.Domain) Then
    				strDomain = Trim(UCase(oItem.Domain))
    			End If
    		
    			'Determine the value of the "PartOfDomain" property
    			If Not IsNull(oItem.PartOfDomain) Then
    				strPartOfDomain = Trim(UCase(oItem.PartOfDomain))
    			End If
    		
    			'Determine the value of the "Name" property
    			If Not IsNull(oItem.Name) Then
    				strComputerName = Trim(UCase(oItem.Name))
    			End If
    		
    			'Determine the value of the "Username" property
    			If Not IsNull(oItem.UserName) Then
    				strDomainUserName = Trim(oItem.UserName)
    				If InStr(oItem.UserName, "\") > 0 Then
    					strUserName = Mid(oItem.UserName, InStr(oItem.UserName, "\") + 1)
    					strUserName = Trim(strUserName)
    				End If
    			End If
    				
    			'Determine the value of the "Workgroup" property
    			If Not IsNull(oItem.Workgroup) And (oItem.PartOfDomain = False) Then
    				strWorkgroup = Trim(UCase(oItem.Workgroup))
    			End If
    	
    		'Rename the device using the name specified in ArgName (Specified name will be truncated to 15 characters for computer name limit)				
    		If (oArguments.Exists("Rename")) And (oArguments.Exists("Name")) And Not (ArgName = "") Then
    				
    			RenameDevice = oItem.Rename(argName, argSvcAcct, argSvcAcctPw)
    			
    			WScript.Sleep(intSeconds)
    					
    				If (RenameDevice = "0") Then
    					WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was successfully renamed to" & chrSpace & chrDoubleQuote & argName & chrDoubleQuote & "." & vbCrLf)			
    				Else
    					WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was not renamed successfully." & chrSpace & "(" & RenameDevice & ")" & "." & vbCrLf)			
    					WScript.Quit(RenameDevice)
    				End If
    		
    		'Rename the device using its serial number truncated to 15 characters for computer name limit
    		ElseIf (oArguments.Exists("Rename")) And Not (oArguments.Exists("Name")) Then
    				
    			RenameDevice = oItem.Rename(strSerialNumber, argSvcAcct, argSvcAcctPw)
    			
    			WScript.Sleep(intSeconds)
    					
    				If (RenameDevice = "0") Then
    					WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was successfully renamed to" & chrSpace & chrDoubleQuote & strSerialNumber & chrDoubleQuote & "." & vbCrLf)				
    				Else
    					WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was not renamed successfully." & chrSpace & "(" & RenameDevice & ")" & "." & vbCrLf)
    					WScript.Quit(RenameDevice)
    				End If	
    			
    		End If
    
    		'Remove device from the Domain
    		If (strPartOfDomain = "TRUE") And (oArguments.Exists("UnjoinDomain")) Then
    			
    			UnjoinDomain = oItem.UnjoinDomainOrWorkgroup(argSvcAcctPw, argSvcAcct)
    			
    			WScript.Sleep(intSeconds)
    					
    					If (UnjoinDomain = "0") Then								
    						WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was successfully removed from the" & chrSpace & chrDoubleQuote & strDomain & chrDoubleQuote & chrSpace & "domain." & vbCrLf)				
    					Else					
    						WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was unsuccessful" & chrSpace & "(" & UnjoinDomain & ")" & chrSpace & "in being removed from the" & chrSpace & chrDoubleQuote & strDomain & chrDoubleQuote & chrSpace & "domain." & vbCrLf)								
    						WScript.Quit(UnjoinDomain)
    					End If			
    		
    		End If
    		
    		'Join the specified Domain
    		If (strPartOfDomain = "FALSE") And (oArguments.Exists("JoinDomain")) And (oArguments.Exists("Domain")) And Not (argDomain = "") And Not (oArguments.Exists("JoinWorkGroup")) Then
    			
    			Const Join_Domain = 1
    			Const Acct_Create = 2
    			Const Win9x_Upgrade = 16
    			Const Domain_Join_If_Joined = 32
    			Const Join_Unsecure = 64
    			Const Machine_Password_Passed = 128
    			Const Deferred_Spn_Set = 256
    			Const Install_Invocation = 262144
    			fJoinOptions = Join_Domain
    			
    			JoinDomain = oItem.JoinDomainOrWorkgroup(argDomain, argSvcAcctPw, argSvcAcct, Null, fJoinOptions)
    			
    			WScript.Sleep(intSeconds)
    			
    					If (JoinDomain = "0") Then								
    						WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was successful in joining the" & chrSpace & argDomain & chrSpace & "domain." & vbCrLf)				
    					Else					
    						WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was unsuccessful" & chrSpace & "(" & JoinDomain & ")" & chrSpace & "in joining the" & chrSpace & chrDoubleQuote & argDomain & chrDoubleQuote & chrSpace & "domain." & vbCrLf)								
    						WScript.Quit(JoinDomain)
    					End If
    						
    		End If
    		
    		'Join the specified Workgroup
    		If (strPartOfDomain = "FALSE") And (oArguments.Exists("JoinWorkGroup")) And (oArguments.Exists("WorkGroup")) And Not (argWorkGroup = "") And Not (oArguments.Exists("JoinDomain")) Then
    		
    			JoinWorkGroup = oItem.JoinDomainOrWorkgroup(argWorkgroup, argSvcAcctPw, argSvcAcct, Null, 0)
    	 
    			WScript.Sleep(intSeconds)
    			
    					If (JoinWorkGroup = "0") Then								
    						WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was successful in joining the" & chrSpace & argWorkgroup & chrSpace & "workgroup." & vbCrLf)				
    					Else					
    						WScript.Echo(chrDoubleQuote & strComputerName & chrDoubleQuote & chrSpace & "was unsuccessful" & chrSpace & "(" & JoinWorkgroup & ")" & chrSpace & "in joining the" & chrSpace & chrDoubleQuote & argWorkgroup & chrDoubleQuote & chrSpace & "workgroup." & vbCrLf)							
    						WScript.Quit(JoinWorkGroup)
    					End If
    		
    		End If
    		
    		Next
    
    	End If
    
    'Provide information about the device
    If (oArguments.Exists("Info")) Then
    
    	If Not (strDNSHostName = "") Then
    		WScript.Echo("FDQN:" & chrSpace & strDNSHostName & vbCrLf)
    	End If
    
    	If Not (strDomain = "") Then
    		WScript.Echo("Domain:" & chrSpace & strDomain & vbCrLf)
    	End If
    
    	If Not (strPartOfDomain = "") Then
    		WScript.Echo("Currently joined to a domain:" & chrSpace & strPartOfDomain & vbCrLf)
    	End If
    
    	If Not (strComputerName = "") Then
    		WScript.Echo("Computer name:" & chrSpace & strComputerName & vbCrLf)
    	End If
    	
    	If Not (strDomainUserName = "") Then
    		WScript.Echo("Current Username w/ Domain:" & chrSpace & strDOmainUserName & vbCrLf)
    	End If
    	
    	If Not (strUserName = "") Then
    		WScript.Echo("Current Username w/o Domain:" & chrSpace & strUserName & vbCrLf)
    	End If
    	
    	If Not (strWorkgroup = "") And (strPartOfDomain = "FALSE") Then
    		WScript.Echo("Workgroup:" & chrSpace & strWorkgroup & vbCrLf)
    	End If
    
    End If
    
    'Optionally Restart Device
    If (oArguments.Exists("Restart")) Then	
    	Call RestartDevice
    End If

    From within a task sequence, this script can be run in the following manner...

    Type: Run Command Line

    Name: Join "%OSDDomainName%" Domain as "%OSDJoinAccount%"

    Description: 

    Command Line: cscript.exe "%SCRIPTROOT%\Custom-ZTIDomainJoin.vbs" /JoinDomain /Domain:"%OSDDomainName%" /SvcAcct:"%OSDJoinAccount%" /SvcAcctPw:"%OSDJoinPassword%"

    Start In:

    As you can see, this will run the script with the built in variables generated by MDT and join the domain accordingly DURING DEPLOYMENT. This solves the issue of various group policies interrupting your deployment and allows the machine to be joined to the domain as the last step.

    PS - This script can also be used to rename the device to its serial number truncated to 15 characters, join a workgroup, get devices current domain/workgroup info, and optionally restart the device.



    • Edited by GraceSolutions89 Thursday, May 7, 2015 2:21 PM fJoinOptions modified
    Tuesday, May 5, 2015 3:57 PM