none
MDT uses Deployment share credentials when trying to join the domain RRS feed

  • Question

  • Hi.

    Im having a issue when i try to join computer to the domain. First of. Im running MDT 2012 and i try to deploy Windows 7 x64. The deployment share is on a standard desktop computer that is NOT connected to the domain. So to access the deploymentshare I use a local account on that computer. Everything works great except when i try to join the computer to the domain.

    If i check the log, i see that it tries to use the deployment shares credentials (the local account) withc of course dont have access to join the computer to the domain.

    I have specified the account tyhat it shoudl be using in customsettings.ini, but it wonjt work. Any suggestions?

    Here is mu Customsettings.ini

    Priority=TaskSequenceID, Default
    Properties=MyCustomProperty
    
    [Default]
    UserDataLocation=NONE
    SkipDeploymentType=NO
    SkipAppsOnUpgrade=YES
    SkipAdminPassword=YES
    SkipProductKey=YES
    SkipBDDWelcome=YES
    SkipComputerName=NO
    SkipDomainMembership=YES
    SkipUserData=YES
    SkipComputerBackup=YES
    SkipCapture=NO
    DoCapture=NO
    SkipLocaleSelection=YES
    SkipTaskSequence=NO
    SkipTimeZone = YES
    SkipApplications=NO
    SkipBitLocker=YES
    SkipSummary=YES
    SkipBDDWelcome=YES
    SkipFinalSummary=NO
    _SMSTSOrgName=Windows Deployment
    WUMU_ExcludeKB001=976002 
    WUMU_ExcludeKB002=2267621
    WUMU_ExcludeKB003=2434419
    WUMU_ExcludeKB004=2841134
    
    [WIN7X64SWE]
    JoinDomain=ad.mbi.se
    DomainAdmin=joindomain@ad.mbi.se
    DomainAdminDomain=ad.mbi.se
    DomainAdminPassword=********
    MachineObjectOU="OU=Computers,OU=Stockholm,DC=ad,DC=mbi,DC=se"
    KeyboardLocale=sv-SE
    UserLocale=sv-SE
    UILanguage=sv-SE
    TimeZone = 110
    TimeZoneName = W. Europe Standard Time
    
    [WIN7X64ENG]
    JoinDomain=ad.mbi.se
    DomainAdmin=joindomain@ad.mbi.se
    DomainAdminDomain=ad.mbi.se
    DomainAdminPassword=********
    MachineObjectOU="OU=Computers,OU=Stockholm,DC=ad,DC=mbi,DC=se"
    KeyboardLocale=sv-SE
    UserLocale=sv-SE
    UILanguage=sv-SE
    TimeZone = 110
    TimeZoneName = W. Europe Standard Time
    
    [WIN7GRUND]
    KeyboardLocale=sv-SE
    UserLocale=sv-SE
    UILanguage=sv-SE
    TimeZone = 110
    TimeZoneName = W. Europe Standard Time

    Thursday, December 5, 2013 12:11 PM

All replies

  • I would guess that [tasksequenceId] is not applied. Have you followed suggestions from here? http://www.deployvista.com/Home/tabid/36/EntryID/139/language/en-US/Default.aspx
    Thursday, December 5, 2013 12:59 PM
  • Yes. The keyboard locale and timezone works.
    Thursday, December 5, 2013 6:45 PM
  • Having the Deployment Server outside of your Target Domain should not matter. The credentials used to connect to connect to the Deployment Server are different than those used to join to the domain.

    Note that if you are using the wizard, you will have problems with the customsettings.ini file above. CS. The TaskSequenceID is not selected until you get into the wizard, and the TS Sections above won't get processed until after the unattend.xml file has been processed. Also the wizard will auto populate the credentials used to log into the deployment server in the wizard page, which is not what it appears you want to do.

    Move this section to [default]

    JoinDomain=ad.mbi.se
    DomainAdmin=joindomain@ad.mbi.se
    DomainAdminDomain=ad.mbi.se
    DomainAdminPassword=********
    MachineObjectOU="OU=Computers,OU=Stockholm,DC=ad,DC=mbi,DC=se"
    


    Keith Garner - keithga.wordpress.com

    Thursday, December 5, 2013 10:57 PM
    Moderator
  • It should not matter. The customsettings file gets processes as soon as the task equence launches. The joind doesnt happen untill after the installation is complete anyway?

    And i need it to be there, since i have a taskequence where the i DONT want a join.

    Friday, December 6, 2013 8:45 AM
  • It's not as simple as that.

    The BDD.log will show every time these variables are modified.

    If you are still having problems, copy your bdd.log to a public share like SkyDrive and post the link here.


    Keith Garner - keithga.wordpress.com

    Friday, December 6, 2013 5:49 PM
    Moderator
  • Thank you.

    I checked the BDD file and i found this line:
    Not attempting to join domain becuase JoinWorkgroup = WORKGROUP

    But as you can se. I have not specified this parameter in customsettings.ini

    In the same file, there are several places where the variable JOINDOMAIN is now = ad.mbi.se

    I slo cheked the NetSetupg.log. There u found

    NetpJoinDomain
    Machine: MINI-NT-BOL75HI
    Domain: ad.mbis.e\sandybridge.ad.mbi.se
    MachineAccountOU: "OU=Computers,OU=Stockholm,DC=ad,DC=mbi,DC=se"
    Account: filer-dator\filer

    Looks like it still uses the credentials from the deploymentshare... I just dont get it...


    • Edited by -Tjalve- Monday, December 9, 2013 3:38 PM
    Monday, December 9, 2013 3:26 PM