none
Domain Join Issue RRS feed

  • Question

  • I set up our Deployment Environment and I'm having a weird issue when one of our technicians Images one of our computers. I have a custom PowerShell script that runs during WINPE that prompts for computer name and description via Active directory powershell module that has been injected into the Boot wim. I have the computer join the domain at the end of the task sequence to avoid the legal text pushed by group policy. The problem is when this tech Uses his credentials he can image a computer and his credentials work in WinPE for talking to Active Directory but when the ZTIDoaminjoin script runs it fails to join the domain with a return code 1326 Invalid user name and password. Which doesn't make sense as his credentials worked during WinPE and the ZTIDomainJoin script Runs using the Cached Credentials from WinPE so how can his credentials fail but work. any help is really helpful. Below is my ZTIDomainJoinlog:

    <![LOG[Microsoft Deployment Toolkit version: 6.3.8298.1000]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[The task sequencer log is located at C:\Users\ADMINI~1\AppData\Local\Temp\SMSTSLog\SMSTS.LOG.  For task sequence failures, please consult this log.]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Property DomainJoinAttempts is now = 1]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Verifying that the computer is joined to the requested domain.]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Property DomainJoinTimeSync is now = OnlySyncOnce]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[About to run command: net time \\DEPLOY SERVER /set /y]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Command has been started (process ID 1136)]LOG]!><time="17:29:48.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[  Console > Current time at \\DEPLOY SERVER is 2/19/2016 5:29:49 PM]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[  Console > The command completed successfully.]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Return code from command = 0]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[DomainErrorRecovery Action: AutoRetry.]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Initiating domain join operation using JoinDomainOrWorkgroup.]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Variable is not a valid string (not Base64 Format)]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Variable is not a valid string (not Base64 Format)]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Initial attempt: JoinDomain(ad.cedarfair.com,PWD,ad.cedarfair.com\REMOVED,,3), rc = 1326]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[JoinDomain Failure: The account *may* already exist in a different OU. Retrying without the specified OU.]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Variable is not a valid string (not Base64 Format)]LOG]!><time="17:29:50.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Variable is not a valid string (not Base64 Format)]LOG]!><time="17:29:51.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Retry attempt: JoinDomain(ad.cedarfair.com,PWD,ad.cedarfair.com\REMOVED,,3), rc = 1326]LOG]!><time="17:29:51.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Initiating a reboot.]LOG]!><time="17:29:51.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Property LTISuspend is now = ]LOG]!><time="17:29:51.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[ZTIDomainJoin processing completed successfully.]LOG]!><time="17:29:51.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">
    <![LOG[Event 41001 sent: ZTIDomainJoin processing completed successfully.]LOG]!><time="17:29:51.000+000" date="02-19-2016" component="ZTIDomainJoin" context="" type="1" thread="" file="ZTIDomainJoin">


    Monday, February 22, 2016 3:35 PM

Answers

  • I actually found the solution to this a long time ago but never posted it back

    In my custom PowerShell script I needed to pass through the Task Sequence Variables "UserID" and "Userpassword"  to the DomainAdmin and DomainAdminPassword Variables because I was prompting during that script and then passing off the captured creds it would pass those through in plain text so when the task sequence went to read then it assumed those variables where in base64 and changed the password to garbage. Now in my script I grab the userid and userpassword. and just pass those straight through to the domainadmin and domainadmin password so they are stored in their base64 form in those variables and get converted correctly when the task sequence uses it

    Tuesday, September 27, 2016 5:18 PM

All replies

  • Hi

    What is in your customsettings.ini??

    Mine looks like this:

    JoinDomain=INTERN
    DomainAdmin=INTERN\DomainJoin 
    DomainAdminPassword=P@ssword
    MachineObjectOU=ou=Workstations,,dc=osdeployment,dc=dk

    What is the netdom.log in c:\windows\debug showing??

    Kind regards
    Per Larsen
    Twitter: @PerLarsen1975 | Blog: osddeployment.wordpress.com
    If this post is helpful please vote it as Helpful or click Mark for answer.

    Monday, February 22, 2016 4:06 PM
  • here is my customsettings:

    [Settings]
    Priority=Default
    Properties=AutoLogonPersist,MyDefaultUserName,MyDefaultDomainName,MyDefaultPassword

    [Default]
    OSInstall=Y
    DoCapture=YES
    SkipComputerName = YES
    _SMSTSOrgName=Cedar Fair Entertainment IT
    SkipAdminPassword=YES
    AdminPassword=PASSWORD
    SkipProductKey=YES
    SkipUserData=YES
    SkipComputerBackup=YES
    SkipBitLocker=YES
    SkipTimeZone=YES
    SkipLocaleSelection=YES
    SkipComputerName=NO
    TimeZoneName=Eastern Standard Time
    WSUSServer=http://SERVER:8530
    SLShare=\\SERVER\Deploymentshare$\Logs
    SkipFinalSummary=YES
    HIDESHELL=YES
    EventService=http://SERVER:9800
    Administrators001=ad.cedarfair.com\GROUP-Job-Admins
    Administrators002=ad.cedarfair.com\GROUP-Job-Admins
    BitsPerPel=32
    VRefresh=60
    XResolution=1
    YResolution=1

    Monday, February 22, 2016 4:08 PM
  • For Me and any other techs the Deployment works fine and the PC joins the Domain at the end of the sequence but this one tech he gets the 1326 return code: the powershell script I have that runs in PE it will take the name entered import active directory module and see if that computer name name exist if it does it will pull the description and show it to the tech to verify they have the right computer if they chose yes and the computer object already exist it will delete the computer object in AD and recreate it in the correct OU it needs to be in and the very last step of the task sequence joins the domain and actually attaches the computer to the object. He is able to do that parts as it prompts for credentials again there before it can even talk to AD. I then Pipe out the credentials from the powershell script to the tasksequence to be used for domain join. His credentials work there but fail when it tries to join
    Monday, February 22, 2016 4:15 PM
  • What user is in your netdom.log?

    /per

    Monday, February 22, 2016 6:23 PM
  • I am unable to locate a netdom.log in the C:\Windows Directory

    but here is the netsetup.log from my MDT Log directory:

    02/19/2016 16:36:06:727 -----------------------------------------------------------------
    02/19/2016 16:36:06:727 NetpDoDomainJoin
    02/19/2016 16:36:06:727 NetpDoDomainJoin: using new computer names
    02/19/2016 16:36:06:727 NetpDoDomainJoin: NetpGetNewMachineName returned 0x0
    02/19/2016 16:36:06:727 NetpMachineValidToJoin: 'CP-LT-0163'
    02/19/2016 16:36:06:727  OS Version: 6.3
    02/19/2016 16:36:06:727  Build number: 9600 (9600.winblue_ltsb.151230-0600)
    02/19/2016 16:36:06:806  SKU: Windows 8.1 Pro
    02/19/2016 16:36:06:806  Architecture: 64-bit (AMD64)
    02/19/2016 16:36:06:821 NetpGetLsaPrimaryDomain: status: 0x0
    02/19/2016 16:36:06:821 NetpMachineValidToJoin: status: 0x0
    02/19/2016 16:36:06:821 NetpJoinWorkgroup: joining computer 'CP-LT-0163' to workgroup 'WORKGROUP'
    02/19/2016 16:36:06:821 NetpValidateName: checking to see if 'WORKGROUP' is valid as type 2 name
    02/19/2016 16:36:06:821 NetpCheckNetBiosNameNotInUse for 'WORKGROUP' [ Workgroup as MACHINE]  returned 0x0
    02/19/2016 16:36:06:821 NetpValidateName: name 'WORKGROUP' is valid for type 2
    02/19/2016 16:36:06:852 NetpSetLsaPrimaryDomain: for 'WORKGROUP' status: 0x0
    02/19/2016 16:36:06:852 NetpJoinWorkgroup: status:  0x0
    02/19/2016 16:36:06:852 NetpDoDomainJoin: status: 0x0
    02/19/2016 17:29:50:166 -----------------------------------------------------------------
    02/19/2016 17:29:50:166 NetpDoDomainJoin
    02/19/2016 17:29:50:166 NetpDoDomainJoin: using current computer names
    02/19/2016 17:29:50:166 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) returned 0x0
    02/19/2016 17:29:50:166 NetpDoDomainJoin: NetpGetComputerNameEx(DnsHostName) returned 0x0
    02/19/2016 17:29:50:166 NetpMachineValidToJoin: 'CP-LT-0163'
    02/19/2016 17:29:50:166  OS Version: 6.3
    02/19/2016 17:29:50:166  Build number: 9600 (9600.winblue_ltsb.160119-0600)
    02/19/2016 17:29:50:197  SKU: Windows 8.1 Pro
    02/19/2016 17:29:50:197  Architecture: 64-bit (AMD64)
    02/19/2016 17:29:50:197 NetpDomainJoinLicensingCheck: ulLicenseValue=1, Status: 0x0
    02/19/2016 17:29:50:197 NetpGetLsaPrimaryDomain: status: 0x0
    02/19/2016 17:29:50:197 NetpMachineValidToJoin: status: 0x0
    02/19/2016 17:29:50:197 NetpJoinDomain
    02/19/2016 17:29:50:197  HostName: CP-LT-0163
    02/19/2016 17:29:50:197  NetbiosName: CP-LT-0163
    02/19/2016 17:29:50:197  Domain: ad.cedarfair.com
    02/19/2016 17:29:50:197  MachineAccountOU: (NULL)
    02/19/2016 17:29:50:197  Account: ad.cedarfair.com\REMOVED
    02/19/2016 17:29:50:197  Options: 0x3
    02/19/2016 17:29:50:197 NetpLoadParameters: loading registry parameters...
    02/19/2016 17:29:50:197 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
    02/19/2016 17:29:50:197 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
    02/19/2016 17:29:50:197 NetpLoadParameters: status: 0x2
    02/19/2016 17:29:50:197 NetpValidateName: checking to see if 'ad.cedarfair.com' is valid as type 3 name
    02/19/2016 17:29:50:197 NetpValidateName: 'ad.cedarfair.com' is not a valid NetBIOS domain name: 0x7b
    02/19/2016 17:29:50:338 NetpCheckDomainNameIsValid [ Exists ] for 'ad.cedarfair.com' returned 0x0
    02/19/2016 17:29:50:338 NetpValidateName: name 'ad.cedarfair.com' is valid for type 3
    02/19/2016 17:29:50:338 NetpDsGetDcName: trying to find DC in domain 'ad.cedarfair.com', flags: 0x40001010
    02/19/2016 17:29:50:400 NetpLoadParameters: loading registry parameters...
    02/19/2016 17:29:50:400 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
    02/19/2016 17:29:50:400 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
    02/19/2016 17:29:50:400 NetpLoadParameters: status: 0x2
    02/19/2016 17:29:50:400 NetpDsGetDcName: status of verifying DNS A record name resolution for 'DOMAIN CONTROLLER: 0x0
    02/19/2016 17:29:50:400 NetpDsGetDcName: found DC '\\DOMAIN CONTROLLER' in the specified domain
    02/19/2016 17:29:50:400 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
    02/19/2016 17:29:50:400 NetpDisableIDNEncoding: using FQDN ad.cedarfair.com from dcinfo
    02/19/2016 17:29:50:400 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'ad.cedarfair.com' succeeded
    02/19/2016 17:29:50:400 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
    02/19/2016 17:29:50:666 NetUseAdd to \\DOMAIN CONTROLLER\IPC$ returned 1326
    02/19/2016 17:29:50:666 NetpJoinDomainOnDs: status of connecting to dc '\\DOMAIN CONTROLLER: 0x52e
    02/19/2016 17:29:50:666 NetpJoinDomainOnDs: Function exits with status of: 0x52e
    02/19/2016 17:29:50:666 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'ad.cedarfair.com' returned 0x0
    02/19/2016 17:29:50:666 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'ad.cedarfair.com': 0x0
    02/19/2016 17:29:50:666 NetpDoDomainJoin: status: 0x52e
    02/19/2016 17:29:50:807 -----------------------------------------------------------------
    02/19/2016 17:29:50:807 NetpDoDomainJoin
    02/19/2016 17:29:50:807 NetpDoDomainJoin: using current computer names
    02/19/2016 17:29:50:807 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) returned 0x0
    02/19/2016 17:29:50:807 NetpDoDomainJoin: NetpGetComputerNameEx(DnsHostName) returned 0x0
    02/19/2016 17:29:50:807 NetpMachineValidToJoin: 'CP-LT-0163'
    02/19/2016 17:29:50:807  OS Version: 6.3
    02/19/2016 17:29:50:807  Build number: 9600 (9600.winblue_ltsb.160119-0600)
    02/19/2016 17:29:50:807  SKU: Windows 8.1 Pro
    02/19/2016 17:29:50:807  Architecture: 64-bit (AMD64)
    02/19/2016 17:29:50:807 NetpDomainJoinLicensingCheck: ulLicenseValue=1, Status: 0x0
    02/19/2016 17:29:50:807 NetpGetLsaPrimaryDomain: status: 0x0
    02/19/2016 17:29:50:807 NetpMachineValidToJoin: status: 0x0
    02/19/2016 17:29:50:807 NetpJoinDomain
    02/19/2016 17:29:50:807  HostName: CP-LT-0163
    02/19/2016 17:29:50:807  NetbiosName: CP-LT-0163
    02/19/2016 17:29:50:807  Domain: ad.cedarfair.com
    02/19/2016 17:29:50:807  MachineAccountOU: (NULL)
    02/19/2016 17:29:50:807  Account: ad.cedarfair.com\REMOVED
    02/19/2016 17:29:50:807  Options: 0x1
    02/19/2016 17:29:50:807 NetpLoadParameters: loading registry parameters...
    02/19/2016 17:29:50:807 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
    02/19/2016 17:29:50:807 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
    02/19/2016 17:29:50:807 NetpLoadParameters: status: 0x2
    02/19/2016 17:29:50:807 NetpValidateName: checking to see if 'ad.cedarfair.com' is valid as type 3 name
    02/19/2016 17:29:50:807 NetpValidateName: 'ad.cedarfair.com' is not a valid NetBIOS domain name: 0x7b
    02/19/2016 17:29:50:947 NetpCheckDomainNameIsValid [ Exists ] for 'ad.cedarfair.com' returned 0x0
    02/19/2016 17:29:50:947 NetpValidateName: name 'ad.cedarfair.com' is valid for type 3
    02/19/2016 17:29:50:947 NetpDsGetDcName: trying to find DC in domain 'ad.cedarfair.com', flags: 0x40001010
    02/19/2016 17:29:51:010 NetpLoadParameters: loading registry parameters...
    02/19/2016 17:29:51:010 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
    02/19/2016 17:29:51:010 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
    02/19/2016 17:29:51:010 NetpLoadParameters: status: 0x2
    02/19/2016 17:29:51:010 NetpDsGetDcName: status of verifying DNS A record name resolution for DOMAIN CONTROLLER.ad.cedarfair.com': 0x0
    02/19/2016 17:29:51:010 NetpDsGetDcName: found DC '\\DOMAIN CONTROLLER'in the specified domain
    02/19/2016 17:29:51:010 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
    02/19/2016 17:29:51:010 NetpDisableIDNEncoding: using FQDN ad.cedarfair.com from dcinfo
    02/19/2016 17:29:51:010 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'ad.cedarfair.com' succeeded
    02/19/2016 17:29:51:010 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
    02/19/2016 17:29:51:041 NetUseAdd to \\DOMAIN CONTROLLER\IPC$ returned 1326
    02/19/2016 17:29:51:041 Trying add to  \\DOMAIN CONTROLLER\IPC$ using NULL Session
    02/19/2016 17:29:51:057 NetpJoinDomainOnDs: status of connecting to dc '\\DOMANI CONTROLLER: 0x0
    02/19/2016 17:29:51:057 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: ad.cedarfair.com
    02/19/2016 17:29:51:119 NetpProvisionComputerAccount:
    02/19/2016 17:29:51:119  lpDomain: ad.cedarfair.com
    02/19/2016 17:29:51:119  lpHostName: CP-LT-0163
    02/19/2016 17:29:51:119  lpMachineAccountOU: (NULL)
    02/19/2016 17:29:51:119  lpDcName: DOMAIN CONTROLLER.ad.cedarfair.com
    02/19/2016 17:29:51:119  lpMachinePassword: (null)
    02/19/2016 17:29:51:119  lpAccount: ad.cedarfair.com\REMOVED
    02/19/2016 17:29:51:119  lpPassword: (non-null)
    02/19/2016 17:29:51:119  dwJoinOptions: 0x1
    02/19/2016 17:29:51:119  dwOptions: 0x40000003
    02/19/2016 17:29:51:182 NetpLdapBind: ldap_bind failed on DOMAIN CONTROLLER: 49: Invalid Credentials
    02/19/2016 17:29:51:182 NetpJoinCreatePackagePart: status:0x52e.
    02/19/2016 17:29:51:182 NetpAddProvisioningPackagePart: status:0x52e.
    02/19/2016 17:29:51:182 NetpJoinDomainOnDs: Function exits with status of: 0x52e
    02/19/2016 17:29:51:182 NetpJoinDomainOnDs: status of disconnecting from '\\DOMAIN CONTROLLER: 0x0
    02/19/2016 17:29:51:182 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'ad.cedarfair.com' returned 0x0
    02/19/2016 17:29:51:182 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'ad.cedarfair.com': 0x0
    02/19/2016 17:29:51:182 NetpDoDomainJoin: status: 0x52e

    Tuesday, February 23, 2016 2:14 PM
  • Hi

    There is some things wrong with the credientials you are trying to domain with: 02/19/2016 17:29:51:182 NetpLdapBind: ldap_bind failed on DOMAIN CONTROLLER: 49: Invalid Credentials

    Kind regards
    Per Larsen
    Twitter: @PerLarsen1975 | Blog: osddeployment.wordpress.com
    If this post is helpful please vote it as Helpful or click Mark for answer.

    Tuesday, February 23, 2016 2:43 PM
  • and that is what Is not making since in the powershell script I run in WinPE I have this function as part of my script so they cant get through here without the credentials being correct:

    function AD
    {

    Import-Module ActiveDirectory
        $Domain = 'ad.cedarfair.com'
        $DomainController = Get-ADDomainController -DomainName $Domain -Discover -NextClosestSite | select hostname
        $ADSite = Get-ADDomainController -DomainName $Domain -Discover -NextClosestSite | select site
        $domainserver = [string]$DomainController.hostname

    $Park = [string]$ADSite.site
        $user = $host.ui.PromptForCredential("Active Directory PC Name Query", "Please Enter Your Active Directory Credentials for $Park.", "", "")
        if(!$user){Cleanup}
        $username = $user.UserName
        $password = $user.GetNetworkCredential().Password
        $correctcreds = Validate-Credentials $user #Checks the network Credentials
        if ($correctcreds -eq $False)
            {
            [System.Windows.Forms.MessageBox]::Show("User Username or password was Incorrect Please try again","Invalid Credentials",0,16)
            AD
            }

    #This will send the User credentials into the Task Sequence to be used to join the domain later
        $TSEnv.Value("DomainAdmin") = $username
        $TSEnv.Value("DomainAdminPassword") = $password

     New-PSDrive -PSProvider ActiveDirectory -Name CF -Server $domainserver -Root "//RootDSE/" -Scope Global -Credential $user
        $test = Test-Path CF:
            if ($test -eq $true)
                {
                CD CF:
                Computertype
                }
            elseif ($test -eq $false)
                {
                [System.Windows.Forms.MessageBox]::Show("Unable to to Find Domain Controller ","No Domain",0,16)
                [System.Windows.Forms.MessageBox]::Show("Deployment will now clean up and exit","Cleanup",0,16)
                RD /S /Q D:\MININT
                RD /S /Q D:\_SMSTaskSequence
                RD /S /Q C:\MININT
                RD /S /Q C:\_SMSTaskSequence
                wpeutil reboot
               
                }
            else
            {
            [System.Windows.Forms.MessageBox]::Show("There has been an Unhandled Execption","Unhandled Execption",0,16)
            [System.Windows.Forms.MessageBox]::Show("Deployment will now clean up and exit","Cleanup",0,16)
            RD /S /Q D:\MININT
            RD /S /Q D:\_SMSTaskSequence
            RD /S /Q C:\MININT
            RD /S /Q C:\_SMSTaskSequence
            wpeutil reboot
            }
       
       
    }



    Tuesday, February 23, 2016 3:00 PM
  • Hi

    Have you tried to set the domain join settings in customsettings.ini ??

    I'am mot sure if the variables set in WinPE is in the full OS also.

    Kind regards
    Per Larsen
    Twitter: @PerLarsen1975 | Blog: osddeployment.wordpress.com
    If this post is helpful please vote it as Helpful or click Mark for answer.

    Tuesday, February 23, 2016 5:54 PM
  • It works if I set it a username and password in custom settings.ini

    For Myself and others Techs the script works just this one single technician is having the domain join issue he has joins permissions if that was the case he would have a different error message for access denied.

    Tuesday, February 23, 2016 8:28 PM
  • I actually found the solution to this a long time ago but never posted it back

    In my custom PowerShell script I needed to pass through the Task Sequence Variables "UserID" and "Userpassword"  to the DomainAdmin and DomainAdminPassword Variables because I was prompting during that script and then passing off the captured creds it would pass those through in plain text so when the task sequence went to read then it assumed those variables where in base64 and changed the password to garbage. Now in my script I grab the userid and userpassword. and just pass those straight through to the domainadmin and domainadmin password so they are stored in their base64 form in those variables and get converted correctly when the task sequence uses it

    Tuesday, September 27, 2016 5:18 PM