none
Use single authentication for deployment Share permission and Join Computer in Domain RRS feed

  • Question

  • Hi,

    I 'm trying to configure MDT in a multi-user environment.

    Is it possible to use every technician account from AD in MDT for :

    1 - connect to the Deployment Share

    2 - Join computer to the domain with technician credentials

    The idea is to make a single sign on system : During the process MDT connect to Deployment Share and Join computer to the domain with the same login credentials (login/password from IT operator)

    Actually i use a local account for deployment Share connection (shared folder permission) and a generic AD account for joining to the domain (customsettings.in) but i won't work like that anymore.

    Thank you for your answer.

    regards


    Tuesday, July 21, 2015 9:34 AM

Answers

All replies

  • Ok I reply to myself..

    By Default if you don't set any account for joining domain, MDT use User value prompted for joining domain.

    Tuesday, July 21, 2015 1:36 PM
  • Multiple techs can authenticate to your MDT share using their AD accounts, that's not an issue and in fact that's how I have my deployment share setup. I'd suggest creating a dedicated account (a service account) that is designed only for joining machines (that's also what we do). Keep that account in your customsettings.ini as the DomainAdmin. http://blog.coretech.dk/mip/creating-a-joindomain-account-for-use-with-sccm-osd/


    If this post is helpful please vote it as Helpful or click Mark for answer.

    Tuesday, July 21, 2015 2:17 PM