locked
Fail to join domain with Win 7 x64 HP G2 laptops and MDT 2013 RRS feed

  • Question

  • I am at a lost!! I am deploying WIN 7 x64 Pro to my HP G2 laptops. (840 and 1040). Both the G2s will not join the domain. But the weird part is that all my other PC do not have an issue joining the domain when using the same .ini file. From the past working with the 1040 G1 it was a driver issue that was resolved with the right WinPE driver pack. But this issue has me at a lost. I can deploy to all my computers, laptops, desktops, but not the G2s, they would pixie boot to MDT, run the task sequence install the OS and stop at the login screen. I did some looking online and was pointed to the ZTiDomainjoin.log in the C drive, but in my case no domainjoin log was created. In the following path (c:\windos\temp\deploymentlogs\ZTidomainjoin.log.)

    When looking at the DDB log No value was found for User, domain join, and password…all this information is provided in my .ini file. 


    • Edited by Ty Glander Monday, November 9, 2015 8:49 PM title needed a better problem statement
    Monday, November 9, 2015 8:34 PM

All replies

  • I would be money it is a driver issue (OS).  Are you using Johan's Total control driver method?

    Logs are very important. https://keithga.wordpress.com/2014/10/24/video-mdt-2013-log-files-basics-bdd-log-and-smsts-log/ Mention any customizations you have made.


    • Proposed as answer by Ty Glander Monday, November 9, 2015 8:47 PM
    • Edited by Ty Glander Monday, November 9, 2015 8:48 PM
    • Unproposed as answer by Ty Glander Thursday, November 12, 2015 9:51 PM
    Monday, November 9, 2015 8:47 PM
  • The first thing I would check is Bootstrap.ini and make sure that these values are supplied correctly. In the meantime, I have a couple powershell scripts you can plug in that will both join the computer and move it to the correct organizational unit. You will have to remove domain entries from the unattend.xml templates. It will also pass the appropriate credentials into the script from MDT. It works great!

    Custom-ZTIDomainJoin.ps1

    ### Tried getting parameters to work, but MDT throws a System.Object Error ###
    
    #[CmdletBinding()]
    
    #Param
    #(        	
    #	[Parameter(Mandatory=$True)]
    #		$Domain = "$TSEnv:DomainAdminDomain",	
    #	
    #	[Parameter(Mandatory=$True)]
    #		$UserName = "$TSEnv:DomainAdmin",
    #
    #   [Parameter(Mandatory=$True)]
    #		$Password = "$TSEnv:DomainAdminPassword",
    #		
    #    [Parameter(Mandatory=$False)]	
    #        [Switch]$Log
    #)
    
    #Clear The Screen
        Clear-Host
    
    #Define Default Action Preferences
        $DebugPreference = "Continue"
        $ErrorActionPreference = "Continue"
        $WarningPreference = "Continue"
    	
    #Define ASCII Characters    
        $Equals = [char]61
        $Space = [char]32
        $SingleQuote = [char]39
        $DoubleQuote = [char]34
        $NewLine = "`n"
    	
    #Define Variables 
        $ScriptDir =  $MyInvocation.MyCommand.Definition | Split-Path -Parent
        $ScriptName = [System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Name)
        $Temp = "$Env:Windir\Temp"
        #Set-Location -Path "$ScriptDir"
    
    #Start logging script output
        (Start-Transcript -Path "$Temp\$ScriptName.log")
    
    #Import Modules
    	$ImportModule_ActiveDirectory = If (Get-Module -ListAvailable | Where-Object {$_.Name -eq "ActiveDirectory"}) {Import-Module -Name "ActiveDirectory" -ErrorAction Stop}
    
    #Query WMI
    	$HostName = (Get-WmiObject -Class Win32_ComputerSystem -Property Name | Select -ExpandProperty Name).Trim().ToUpper()
    	$OSArchitecture = (Get-WmiObject -Class Win32_OperatingSystem -Property OSArchitecture | Select -ExpandProperty OSArchitecture).Replace("-bit", "").Replace("32", "86").Insert(0,"x").ToUpper()
        $OSVersion = [Decimal]("{0}.{1}" -f (Get-WmiObject -Class Win32_OperatingSystem -Property Version | Select -ExpandProperty Version).Split(".").Trim())
        $PartOfDomain_Before = (Get-WmiObject -Class Win32_ComputerSystem -Property PartOfDomain | Select -ExpandProperty PartOfDomain)
       
    #Define Functions
    	#Encode a plain text string to a Base64 string	
    		Function ConvertTo-Base64 ($String) 
    	        { 
    	            $Encoded = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($String))
    	            Return $Encoded  
    	        }	
    		
        #Decode an Base64 string to a plain text string
    	    Function ConvertFrom-Base64 ($String) 
    	        { 
    	            $Decoded = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($String))
    	            Return $Decoded
    	        }
           
    #Determine If The Script Is Being Executed With Microsoft Deployment Toolkit
        If (Test-Path -Path TSEnv: -ErrorAction SilentlyContinue)
            {
                #Convert Arguments From Base64 As Microsoft Deployment Toolkit Encodes Sensitive Strings  
                    $Domain = ConvertFrom-Base64 -String "$TSEnv:DomainAdminDomain"
                    $UserName = ConvertFrom-Base64 -String "$TSEnv:UserID"
                    $Password = ConvertFrom-Base64 -String "$TSEnv:UserPassword" | ConvertTo-SecureString -AsPlainText -Force
            }
        Else
            {
                #Store variable values from user input 
                    $Domain = (Read-Host -Prompt "Please enter a valid domain name")
                    $UserName = (Read-Host -Prompt "Please enter a valid user name")
                    $Password = (Read-Host -Prompt "Please enter a valid password" -AsSecureString)
            }
        
    #Create Credential Object
        $Credentials = (New-Object System.Management.Automation.PSCredential("$Domain\$UserName", $Password))
        
    #Join Active Directory Domain        
        If ($PartOfDomain_Before -eq $False)
            {
                $JoinDomain = (Add-Computer -DomainName $Domain -Credential $Credentials -Force -PassThru)
            }
        
    #Wait For The Specified Amount Of Time
        (Start-Sleep -Seconds "30")
    
    #Query WMI
        $PartOfDomain_After = (Get-WmiObject -Class Win32_ComputerSystem -Property PartOfDomain | Select -ExpandProperty PartOfDomain)
    
    #Echo The Values Of Supplied Arguments
        Write-Host ("Microsoft Deployment Toolkit Variable Drive Present = " + (Test-Path -Path TSEnv: -ErrorAction SilentlyContinue))
        Write-Host ("Domain = " + $Domain)
        Write-Host ("UserName = " + $UserName)
        Write-Host ("Password = " + $Credentials.Password)
        Write-Host ("Credentials = " + $Credentials)
        Write-Host ("Domain Join Succeeded = " + $JoinDomain)
        Write-Host ("HostName = " + $HostName)
        Write-Host ("OSArchitecture = " + $OSArchitecture)
        Write-Host ("OSVersion = " + $OSVersion)
        Write-Host ("PartOfDomain_Before = " + $PartOfDomain_Before)
        Write-Host ("PartOfDomain_After = " + $PartOfDomain_After)
    
    #Stop logging script output 
        (Stop-Transcript)

    Custom-ZTIMoveADComputer.ps1

    ### Tried getting parameters to work, but MDT throws a System.Object Error ###
    
    #[CmdletBinding()]
    #
    #Param
    #(        	
    #	[Parameter(Mandatory=$True)]
    #		$Domain = $TSEnv:DomainAdminDomain,	
    #	
    #	[Parameter(Mandatory=$True)]
    #		$UserName = $TSEnv:DomainAdmin,
    #
    #    [Parameter(Mandatory=$True)]
    #		$Password = $TSEnv:DomainAdminPassword,
    #		
    #	[Parameter(Mandatory=$True)]
    #		$TargetOU = $TSEnv:MachineObjectOU,
    #    
    #    [Parameter(Mandatory=$False)]	
    #        [Switch]$Log
    #)
    
    #Clear The Screen
        Clear-Host
    
    #Define Default Action Preferences
        $DebugPreference = "Continue"
        $ErrorActionPreference = "Continue"
        $WarningPreference = "Continue"
    	
    #Define ASCII Characters    
        $Equals = [char]61
        $Space = [char]32
        $SingleQuote = [char]39
        $DoubleQuote = [char]34
        $NewLine = "`n"
    	 
    #Define Variables  
        $ScriptDir =  $MyInvocation.MyCommand.Definition | Split-Path -Parent
        $ScriptName = [System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Name)
        $Temp = "$Env:Windir\Temp"
        #Set-Location -Path "$ScriptDir"
    
    #Start logging script output if the "/Log" switch is present
        (Start-Transcript -Path "$Temp\$ScriptName.log")
    
    #Import Modules
    	$ImportModule_ActiveDirectory = If (Get-Module -ListAvailable | Where-Object {$_.Name -eq "ActiveDirectory"}) {Import-Module -Name "ActiveDirectory" -ErrorAction Stop}
    		
    #Query WMI
    	$HostName = (Get-WmiObject -Class Win32_ComputerSystem -Property Name | Select -ExpandProperty Name).Trim().ToUpper()
    	$OSArchitecture = (Get-WmiObject -Class Win32_OperatingSystem -Property OSArchitecture | Select -ExpandProperty OSArchitecture).Replace("-bit", "").Replace("32", "86").Insert(0,"x").ToUpper()
        $OSVersion = [Decimal]("{0}.{1}" -f (Get-WmiObject -Class Win32_OperatingSystem -Property Version | Select -ExpandProperty Version).Split(".").Trim())
    	$PartOfDomain = (Get-WmiObject -Class Win32_ComputerSystem -Property PartOfDomain | Select -ExpandProperty PartOfDomain)
    
    #Define Functions
    	#Encode a plain text string to a Base64 string	
    		Function ConvertTo-Base64 ($String) 
    	        { 
    	            $String = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($String))
    	            Return $String  
    	        }	
    		
        #Decode an Base64 string to a plain text string
    	    Function ConvertFrom-Base64 ($String) 
    	        { 
    	            $String = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($String))
    	            Return $String
    	        }
    
    	#Determine If Device Exists In Active Directory
    		Function Get-DeviceExistsInAD ($Device)
    		    {
    		        $Global:TargetDevice = (Get-ADComputer -Server $Domain -Credential $Credentials -Filter {Name -eq $Device} -SearchScope Subtree | Select-Object Name, ObjectGUID, DistinguishedName)
    
    				If (($Global:TargetDevice | Measure-Object | Select -ExpandProperty Count) -eq "1")		                
    				    {			   
                            $Global:DeviceExistsInAD = $True
                            $Global:TargetDevice_Name = ($Global:TargetDevice | Select -ExpandProperty Name)
                            $Global:TargetDevice_ObjectGUID = ($Global:TargetDevice | Select -ExpandProperty ObjectGUID)
                            $Global:TargetDevice_DistinguishedName = ($Global:TargetDevice | Select -ExpandProperty DistinguishedName)
                        }		            
    				Else		       
    				    {
    				        $Global:DeviceExistsInAD = $False  
    				    }	
    				
                    Return $Global:TargetDevice_Name, $Global:TargetDevice_ObjectGUID, $Global:TargetDevice_DistinguishedName, $Global:DeviceExistsInAD
    		    }
    
        #Determine The Parent Of An Active Directory Object
            Function Get-ADObjectParent ($DistinguishedName) 
            {
                $Parts = $DistinguishedName -Split "(?<![\\]),"
                Return $Parts[1..$($Parts.Count - 1)] -Join ","
            }
    					  
    #Determine If The Script Is Being Executed With Microsoft Deployment Toolkit
        If (Test-Path -Path TSEnv: -ErrorAction SilentlyContinue)
            {
                #Convert Arguments From Base64 As Microsoft Deployment Toolkit Encodes Sensitive Strings  
                    $Domain = ConvertFrom-Base64 -String "$TSEnv:DomainAdminDomain"
                    $UserName = ConvertFrom-Base64 -String "$TSEnv:UserID"
                    $Password = ConvertFrom-Base64 -String "$TSEnv:UserPassword" | ConvertTo-SecureString -AsPlainText -Force
                    $TargetOU = $TSEnv:MachineObjectOU
            }
        Else
            {
                #Store variable values from user input
                    $Domain = (Read-Host -Prompt "Please enter a valid domain name")
                    $UserName = (Read-Host -Prompt "Please enter a valid user name")
                    $Password = (Read-Host -Prompt "Please enter a valid password" -AsSecureString)
                    $TargetOU = (Read-Host -Prompt "Please enter a valid organizational unit")
            }
    			
    #Create Credential Object
    	$Credentials = (New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList ("$Domain\$UserName", $Password))
    				
    #Determine If The Specified Device Exists In Active Directory
        (Get-DeviceExistsInAD -Device "$HostName" | Out-Null)
    				
    #Move The Object If Only If The Target Organizational Unit Is Different
        If (($PartOfDomain -eq $True) -and ($DeviceExistsInAD -eq $True) -and ((Get-ADObjectParent -DistinguishedName "$Global:TargetDevice_DistinguishedName") -ne "$TargetOU"))
                        
            {
                $MoveADObject = (Move-ADObject -Server $Domain -Identity $Global:TargetDevice_DistinguishedName -TargetPath $TargetOU -Credential $Credentials -PassThru)
            }
    
    #Wait For The Specified Amount Of Time
        (Start-Sleep -Seconds "30")
    
    #Echo The Values Of Supplied Arguments
        Write-Host ("Microsoft Deployment Toolkit Variable Drive Present = " + (Test-Path -Path TSEnv: -ErrorAction SilentlyContinue))
        Write-Host ("Domain = " + $Domain)
        Write-Host ("UserName = " + $UserName)
        Write-Host ("Password = " + $Credentials.Password)
        Write-Host ("DistinguishedName = " + $Global:TargetDevice_DistinguishedName)
        Write-Host ("CurrentOUParent = " + (Get-ADObjectParent -DistinguishedName "$Global:TargetDevice_DistinguishedName"))
        Write-Host ("TargetOU = " + $TargetOU)
        Write-Host ("CurrentOUParent `"Does Not Equal`" TargetOU = " + ((Get-ADObjectParent -DistinguishedName "$Global:TargetDevice_DistinguishedName") -ne "$TargetOU"))
        Write-Host ("Credentials = " + $Credentials)
        Write-Host ("MoveADObject = " + "`"$HostName`" was successfully moved to `"$MoveADObject`"")
        Write-Host ("HostName = " + $HostName)
        Write-Host ("OSArchitecture = " + $OSArchitecture)
        Write-Host ("OSVersion = " + $OSVersion)
        Write-Host ("PartOfDomain = " + $PartOfDomain)
    
    #Stop logging script output if the "/Log" switch is present  
        (Stop-Transcript)

    Tuesday, November 10, 2015 2:02 PM