This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

Access Denied when adding computer to domain through powershell

Question
0

Sign in to vote

Hello,

I am trying to add a computer to our domain using powershell. With the script below:

$DomName = "domain.local"
$strAdmin = read-host "Authorized user for this operation"
$NewCompName = Read-Host -Prompt "Enter the New Computer Name"

Add-Computer -DomainName domain.local -ComputerName $env:computername -newname $NewCompName -oupath "OU=Computers,OU=Corporate,DC=DOMAIN,DC=LOCAL" -DomainCredential $strAdmin

However, when I run this script I am getting the following error:

Add-Computer : Computer 'COMPUTERNAME' failed to join domain 'domain.local' from its current workgroup 'WORKGROUP' with following error message: Access is denied

I'm not sure what I am missing. I have tried single quotes, double quotes, various version of the domain\username combo, even typed them in differently when I added them.

Thanks for the help!

Thursday, December 7, 2017 12:12 AM

All replies

0

Sign in to vote

Are you a domain admin and are you logged into the target computer as a local admin?
\_(ツ)_/

Thursday, December 7, 2017 12:27 AM
0

Sign in to vote
Hi,

I agree with jrv. Also, I'd like to explain that you may need to use Get-Credential to pass a credential. The following script for your reference, hope it is helpful to you:

$param = @{ DomainName = 'domain.local' ComputerName = $env:COMPUTERNAME NewName = Read-Host -Prompt 'Please Enter New Computer Name' DomainCredential = Get-Credential -Message 'Please Enter Domain Credential' OUPath = 'OU=Computers,OU=Corporate,DC=domain,DC=local' } Add-Computer @param

If you need further help, please feel free to let us know.

Best Regards,
Albert

Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com
- Edited by Albert LingMicrosoft contingent staff Thursday, December 7, 2017 6:04 AM
- Proposed as answer by Albert LingMicrosoft contingent staff Friday, December 29, 2017 7:46 AM
Thursday, December 7, 2017 6:03 AM
0

Sign in to vote
It is not really necessary to use Get-Credential. If you pass a domain account id the CmdLet will prompt for the password.

Add-Computer -DomainCredential mydummyaccount

Try it. It will prompt even if you use a "splat".
\_(ツ)_/
- Proposed as answer by Albert LingMicrosoft contingent staff Friday, December 29, 2017 7:46 AM
Thursday, December 7, 2017 6:38 AM
0

Sign in to vote

Hi,

Just checking in to see if the information provided was helpful. Does the script work?

Please let us know if you would like further assistance.

Best Regards,
Albert
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

Monday, December 11, 2017 10:47 AM
0

Sign in to vote

Hi,

I am checking how the issue is going, if you still have any questions, please feel free to contact us.

If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
If no, please reply and tell us the current situation in order to provide further help.

Appreciate for your feedback.

Best Regards,
Albert
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

Wednesday, December 13, 2017 7:37 AM