none
Win 10 Unattend prompt for computer name and join domain

    General discussion

  • We have a 3rd party vendor who needs to be able to apply an image without knowing what the computer is going to be named in the future.  When we get it back, it need to boot up and prompt for computer name and then join the domain.  

    With Windows 7, we would have it prompt for computer name during OOBE and then auto logon as a local account.  From there, a firstLogonCommands in unattend.xml to run a cmd script that joins the domain using this powershell command.

    Powershell.exe -command $pass = convertto-securestring "**********" -asplaintext -force;$domaincred = new-object system.management.automation.pscredential 'domain\user',$pass;add-computer -credential $domaincred -domainname 'domainname'

    Windows 10 no longer allows for a computer name prompt in the OOBE.  The only way the sysprep domain join works right is if you specify a specific computer name in unattend.xml.  If you leave it blank or make it *, it'll join the domain with one random name, then rename the computer to "desktop-random", breaking the domain trust.  

    The only solution I've found goes like this.

    1. Unattend does not join the domain
    2. It does not specify a computer name
    3. It does specify a local administrator
    4. It auto logs on as that local administrator
    5. It runs RenameComputerAndJoinDomain.cmd script using firstlogoncommands in unattend.xml
    6. RenameComputerAndJoinDomain.cmd  prompts for a computer name then runs a powershell command to rename the computer and join the domain

    RenameComputerAndJoinDomain.cmd

    set /p PCNAME= New PC Name (15 char limit):
    Powershell -command $pass = convertto-securestring "**********" -asplaintext -force;$domaincred = new-object system.management.automation.pscredential 'domain\user',$pass;add-computer -credential $domaincred -domainname 'd204.ipsd.net' -newname %PCNAME%
    shutdown -r -t 180
    unattend.xml (for reference)
    <settings pass="oobeSystem">
      <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <UserAccounts>
          <LocalAccounts>
            <LocalAccount wcm:action="add">
              <Password>
                <Value>********</Value>
                <PlainText>false</PlainText>
              </Password>
              <Description>local admin</Description>
              <DisplayName>localadmin</DisplayName>
              <Name>localadmin</Name>
              <Group>Administrators</Group>
            </LocalAccount>
          </LocalAccounts>
        </UserAccounts>
        <FirstLogonCommands>
          <SynchronousCommand wcm:action="add">
          <CommandLine>c:\tools\RenameComputerAndJoinDomain.cmd</CommandLine>
          <Description>Post Config</Description>
          <Order>1</Order>
          <RequiresUserInput>true</RequiresUserInput>
          </SynchronousCommand>
        </FirstLogonCommands>
        <AutoLogon>
          <Password>
            <Value>***********</Value>
            <PlainText>false</PlainText>
          </Password>
          <Enabled>true</Enabled>
          <LogonCount>1</LogonCount>
          <Username>localadmin</Username>
        </AutoLogon>
      </component>
    </settings>

    I'm convinced this is the only way to accomplish a domain join after name prompt without setting the unattend.xml files before first boot.








    Friday, February 24, 2017 10:16 PM

All replies

  • Hi Mike Plichta,

    Thanks for sharing. It would be very useful as a reference for the person who will come across the similar case in the near future.

    The "Computername" option in unattend file has been decreased for Windows 10. Someone else have shared the similar resolution, too.

    Script to inject COMPUTERNAME variable in to sysprep process for Windows 10
    https://social.technet.microsoft.com/Forums/windows/en-US/4b5bbb14-755d-4555-80b5-13b34990094c/script-to-inject-computername-variable-in-to-sysprep-process-for-windows-10?forum=win10itprosetup
    Unattend.xml and Windows 10
    https://social.technet.microsoft.com/Forums/windows/en-US/373d4c5e-02b9-4de5-bae2-9e36a86e558a/unattendxml-and-windows-10?forum=win10itprogeneral

    Best regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, February 27, 2017 2:10 AM
    Moderator
  • Thank you, here's my solution.

                <FirstLogonCommands>
                    <SynchronousCommand wcm:action="add">
                        <CommandLine>ipconfig /registerdns</CommandLine>
                        <Description>registerdns</Description>
                        <Order>1</Order>
                        <RequiresUserInput>true</RequiresUserInput>
                    </SynchronousCommand>
                    <SynchronousCommand wcm:action="add">
                        <Description>Join Domain</Description>
                        <Order>2</Order>
                        <RequiresUserInput>true</RequiresUserInput>
                        <CommandLine>CMD /C &quot;powershell add-computer -domainname domain.wan -cred (get-credential domain.wan\todomainuser) -newname (Read-Host \&quot;PC new name\&quot;) -passthru -verbose;sleep 8&quot;</CommandLine>
                    </SynchronousCommand>
                    <SynchronousCommand wcm:action="add">
                        <CommandLine>CMD /C echo n | gpupdate /force</CommandLine>
                        <Description>gpupdate /force</Description>
                        <Order>3</Order>
                        <RequiresUserInput>true</RequiresUserInput>
                    </SynchronousCommand>
                    <SynchronousCommand wcm:action="add">
                        <CommandLine>wuauclt /resetauthorization /detectnow</CommandLine>
                        <Description>Windows Update</Description>
                        <Order>4</Order>
                        <RequiresUserInput>false</RequiresUserInput>
                    </SynchronousCommand>
                </FirstLogonCommands>

    Don't forget to change domain.wan\todomainuser to yours.
    • Edited by АБВ Tuesday, January 30, 2018 2:52 PM
    Tuesday, January 30, 2018 2:51 PM