Page 1 of 2 12>
Topic Options
#196926 - 2009-12-02 08:16 AM Script to add member PC to Domain
NaasMarais Offline
Fresh Scripter

Registered: 2009-08-06
Posts: 40
Loc: South Africa, JHB
Hi,

Can anyone help with a script like this? I want to created a automated script which will add the member PC to the domain and then Rename it or just add it for now.

Thanks
_________________________
KIX Scripting is the Bomb!!

Top
#196929 - 2009-12-02 09:11 AM Re: Script to add member PC to Domain [Re: NaasMarais]
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Search for terms "+join +domain" to get some hits.

You can also use the command line "netdom" tool to join or move computer accounts which might be the easier route - you can of course call netdom from within a script.

Top
#198114 - 2010-03-21 07:04 PM Re: Script to add member PC to Domain [Re: Richard H.]
Sam_B Offline
Getting the hang of it

Registered: 2005-10-25
Posts: 68
Loc: Bern, Switzerland
this does no longer work for Windows 7 :-(
Top
#198121 - 2010-03-22 12:30 PM Re: Script to add member PC to Domain [Re: Sam_B]
Glenn Barnas Administrator Offline
KiX Supporter
*****

Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
"does not work" in what way?
What version are you using?
What syntax?

I have both the old and new versions of Netdom - the old version (dated 1999) fails with a DLL error, but the newer version (1.8 - dated 2001) seems to work fine on my Windows 7 x64 system.

I used to hang on to the older version because it did something that the newer version didn't, specifically in an NT domain environment - but since I haven't supported NT in many years, that requirement has gone away.

Glenn
_________________________
Actually I am a Rocket Scientist! \:D

Top
#198130 - 2010-03-23 12:55 AM Re: Script to add member PC to Domain [Re: Glenn Barnas]
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Thank you for that update Glenn. I only have 1 Win7 x64 on the Domain right now but I'm sure within a year or so there will be many more.

I did download the Admin Tools for Win7 but have not installed or tested them yet but seeing this post did prompt me to get them.

Top
#198131 - 2010-03-23 02:24 AM Re: Script to add member PC to Domain [Re: NTDOC]
Allen Administrator Online   shocked
KiX Supporter
*****

Registered: 2003-04-19
Posts: 4545
Loc: USA
The keyword for the WMI way is "joindomainorworkgroup". Search on that, and you may find a way to do it without netdom.
Top
#198135 - 2010-03-23 11:29 AM Re: Script to add member PC to Domain [Re: NTDOC]
Glenn Barnas Administrator Offline
KiX Supporter
*****

Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
Just FYI - I have XP, Vista, and Win-7 on similarly configured systems at my desk. The performance of the admin tools on Win-7 blows away XP!

Glenn
_________________________
Actually I am a Rocket Scientist! \:D

Top
#198143 - 2010-03-23 05:49 PM Re: Script to add member PC to Domain [Re: Glenn Barnas]
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
 Code:
	$objNetwork = CreateObject("WScript.Network")
	$strComputer = $objNetwork.ComputerName
	$objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\.\root\cimv2:Win32_ComputerSystem.Name='"+@wksta+"'")
	$ReturnValue = $objComputer.JoinDomainOrWorkGroup("DOMAIN", $password, "domain\"+$user, $OU, 35)
	If $ReturnValue
		? "Failed joining "+@wksta+" to domain"
	Endif
	? "     waiting 15 seconds"
	sleep 15

	$objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
	$colComputers = $objWMIService.ExecQuery("Select * from Win32_ComputerSystem")
	For Each $objComputer in $colComputers
		$err = $objComputer.Rename($Name, $password, "domain\" + $user)
		If $err
			? "Failed Renaming "+@wksta+" to "+$Name
		endif
	Next


_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#198146 - 2010-03-23 07:05 PM Re: Script to add member PC to Domain [Re: Radimus]
Allen Administrator Online   shocked
KiX Supporter
*****

Registered: 2003-04-19
Posts: 4545
Loc: USA
@Rad, is the rename part of the code required for the joining of the domain?
Top
#198149 - 2010-03-23 09:03 PM Re: Script to add member PC to Domain [Re: Allen]
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
the rename is not necessary, but I use this after imaging a PC from a syspreped image, as it gets a generic name...

I also have code in this to add specific users/groups to local admin
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#201450 - 2011-01-27 05:17 PM Re: Script to add member PC to Domain [Re: Radimus]
Krozar Offline
Fresh Scripter

Registered: 2011-01-18
Posts: 9
Loc: ID
Radimus, I'm trying to use your code below, but I am getting a return value of 87, which indicates "The parameter is incorrect". I'm puzzled, because if I change the password variable, my return value becomes 1326, which is "Logon failure: unknown username or bad password", as one would expect. This seems to indicate to me that the syntax is correct.

Am I missing something? I'm a NOOB at this, so forgive me if I'm overlooking something simple.

 Code:
$ou = 'OU=MySubOu,OU=MyOU,DC=MyDomain,DC=com'
$user = MyUser
$password = MyPassword
$objNetwork = CreateObject("WScript.Network")
$strComputer = $objNetwork.ComputerName
$objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\.\root\cimv2:Win32_ComputerSystem.Name='"+@wksta+"'")
$ReturnValue = $objComputer.JoinDomainOrWorkGroup("MyDomain.com", $password, "MyDomain\"+$user, $OU, 35)
If $ReturnValue
	? "Failed joining "+@WKSTA+" to domain"
	? "ReturnValue = " + $ReturnValue
		GoTo END
EndIf


Edited by Mart (2011-01-28 09:02 AM)
Edit Reason: Please use code tags when posting code.

Top
#201451 - 2011-01-27 05:29 PM Re: Script to add member PC to Domain [Re: Krozar]
Krozar Offline
Fresh Scripter

Registered: 2011-01-18
Posts: 9
Loc: ID
Why is it that one always figures out the solution to his own question after he posts for help?

I changed the 35 in the line...
$ReturnValue = $objComputer.JoinDomainOrWorkGroup("MyDomain.com", $password, "MyDomain\"+$user, $OU, 35)
...to a 1, and this works now.

Top
#201454 - 2011-01-27 07:09 PM Re: Script to add member PC to Domain [Re: Krozar]
Glenn Barnas Administrator Offline
KiX Supporter
*****

Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
 Originally Posted By: Krozar
Why is it that one always figures out the solution to his own question after he posts for help?

For the same reason you solve your own problems after talking to someone about them..

Left-brain is logical, right-brain is creative.. Problems are often worked on by logical side of brain...

When you write or verbalize - the message is seen by both eyes or heard by both ears, allowing the creative side a chance to use its creative powers! \:\) (usually accompanied by "ooh! ooh! I got it !!!" \:D
Glenn
_________________________
Actually I am a Rocket Scientist! \:D

Top
#201455 - 2011-01-28 09:06 AM Re: Script to add member PC to Domain [Re: Glenn Barnas]
Mart Moderator Offline
KiX Supporter
*****

Registered: 2002-03-27
Posts: 4672
Loc: The Netherlands
Sounds logical.
Doctor Glenn has spoken ;\)
_________________________
Mart

- Chuck Norris once sold ebay to ebay on ebay.

Top
#201456 - 2011-01-28 12:17 PM Re: Script to add member PC to Domain [Re: Mart]
Glenn Barnas Administrator Offline
KiX Supporter
*****

Registered: 2003-01-28
Posts: 4396
Loc: New Jersey
Actually, its a bit of wisdom that I learned from a guy that I taught with some 20 years ago by the name of Mark Minasi.

Glenn
_________________________
Actually I am a Rocket Scientist! \:D

Top
#201481 - 2011-02-01 08:19 PM Re: Script to add member PC to Domain [Re: Glenn Barnas]
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
FJoinOptions [in]
Set of bit flags that define the join options.

Value Meaning
1 (0x1) Default. Joins a computer to a domain. If this value is not specified, the join is a computer to a workgroup.

2 (0x2) Creates an account on a domain.

4 (0x4) Deletes an account when a domain exists.

16 (0x10) The join operation is part of an upgrade from Windows 98 or Windows 95 to Windows 2000 or Windows NT.

32 (0x20) Allows a join to a new domain, even if the computer is already joined to a domain.

64 (0x40) Performs an unsecured join.

128 (0x80) The machine, not the user, password passed. This option is only valid for unsecure joins.

256 (0x100) Writing SPN and DnsHostName attributes on the computer object should be deferred until the rename that follows the join.

262144 (0x40000) The APIs were invoked during install.

http://msdn.microsoft.com/en-us/library/aa392154(v=vs.85).aspx
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#201750 - 2011-03-16 05:00 PM Re: Script to add member PC to Domain [Re: Radimus]
Krozar Offline
Fresh Scripter

Registered: 2011-01-18
Posts: 9
Loc: ID
Okay, trying to modify this script to disjoin a workstation from the domain. Thought I could just change the bit flag to 4, but I am getting error 2691, "The machine is already joined to the domain."

 Code:
$ou = 'OU=MySubOu,OU=MyOU,DC=MyDomain,DC=com'
$user = MyUser
$password = MyPassword
$objNetwork = CreateObject("WScript.Network")
$strComputer = $objNetwork.ComputerName
$objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\.\root\cimv2:Win32_ComputerSystem.Name='"+@wksta+"'")
$ReturnValue = $objComputer.JoinDomainOrWorkGroup("MyDomain.com", $password, "MyDomain\"+$user, $OU, 4)
If $ReturnValue
	? "Failed removing "+@WKSTA+" from domain"
	? "ReturnValue = " + $ReturnValue
		GoTo END
EndIf


I'm obviously missing a step, or something. Any help would be appreciated.
Thx.

Top
#201752 - 2011-03-17 10:56 AM Re: Script to add member PC to Domain [Re: Krozar]
BradV Offline
Seasoned Scripter
****

Registered: 2006-08-16
Posts: 686
Loc: Maryland, USA
I think you want to use UnjoinDomainOrWorkgroup. Flag 4 of the Join method doesn't say it unjoins, just deletes an account.
Top
#201755 - 2011-03-18 04:13 PM Re: Script to add member PC to Domain [Re: BradV]
Krozar Offline
Fresh Scripter

Registered: 2011-01-18
Posts: 9
Loc: ID
Still confused about the syntax for this. What I'm trying to do is
* remove the workstation from the domain
* delete the computer account from the domain
* join the workstation to the workgroup "Workgroup"
Here's what I've got:

 Code:
$ou = 'OU=MySubOu,OU=MyOU,DC=MyDomain,DC=com'
$user = MyUser
$password = MyPassword
$objNetwork = CreateObject("WScript.Network")
$strComputer = $objNetwork.ComputerName
$objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\.\root\cimv2:Win32_ComputerSystem.Name='"+@wksta+"'")
$ReturnValue = $objComputer.UnJoinDomainOrWorkGroup("MyDomain.com", $password, "MyDomain\"+$user, $OU, 2)
If $ReturnValue
	? "Failed removing "+@WKSTA+" from domain"
	? "ReturnValue = " + $ReturnValue
		GoTo END
EndIf
$ReturnValue = $objComputer.JoinDomainOrWorkGroup("Workgroup")
If $ReturnValue
	? "Failed joining "+@WKSTA+" to Workgroup"
	? "ReturnValue = " + $ReturnValue
		GoTo END


When I run this, I get no return value from the UnJoinDomainOrWorkGroup. But I get return value 2691 for the JoinDomainOrWorkGroup, which is still "The machine is already joined to the domain."

Despite the first part not generating a return value, making it look like it was successful, the computer properties still show it being a member of the domain, and the computer account is still in the domain. This obviously is not doing anything.

Has anyone ever done what I'm trying to do, successfully?

Top
#201756 - 2011-03-18 04:29 PM Re: Script to add member PC to Domain [Re: Krozar]
Krozar Offline
Fresh Scripter

Registered: 2011-01-18
Posts: 9
Loc: ID
Figured it out. Found the correct syntax here: Link
 Code:
$ou = 'OU=MySubOu,OU=MyOU,DC=MyDomain,DC=com'
$user = MyUser
$password = MyPassword
$objNetwork = CreateObject("WScript.Network")
$strComputer = $objNetwork.ComputerName
$objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\.\root\cimv2:Win32_ComputerSystem.Name='"+@wksta+"'")
$ReturnValue = $objComputer.UnJoinDomainOrWorkGroup("MyDomain\"+$user, $password, 0)
If $ReturnValue
	? "Failed removing "+@WKSTA+" from domain"
	? "ReturnValue = " + $ReturnValue
		GoTo END
EndIf
$ReturnValue = $objComputer.JoinDomainOrWorkGroup("Workgroup")
If $ReturnValue
	? "Failed joining "+@WKSTA+" to Workgroup"
	? "ReturnValue = " + $ReturnValue
		GoTo END

Top
Page 1 of 2 12>


Moderator:  Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart 
Hop to:
Shout Box

Who's Online
1 registered (Allen) and 466 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.076 seconds in which 0.026 seconds were spent on a total of 14 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org