Unable to get computer to join domain through WDS

  1. Posts : 4
    Windows 10 LTSB

    Unable to get computer to join domain through WDS


    Recently, I have implemented WDS within my workplace to get away from Configuration Manager (As crazy as this might sounds), the reason being is to help streamline and reduce the time it takes to image a single machine and also to decrease the amount of post deployment steps after a computer is done imaging.

    So far, I've managed to get WDS configured, create a boot image, capture image, and install image. I am using two answer files in my environment, One being a unattend.xml file at the server level to partition and format the hard drives, select what image to use (winPE phase), enter the product key and correct Time Zone (Specialize Phase). Then I have another answer file which I named oobe.xml which is applied at the image level to skip all the OOBE questions, create a local account, and assign a password to the local administrator account (oobe phase). The issue I am not running into is getting a computer to join the domain automatically. I have tried configuring the Microsoft-UnattendedJoin component in both answer files at the specialize phase without any luck... Originally, I was wanting the computer object to be created in a custom OU named "Computer Room". I even tried changing this to the default OU "Computers", to see if this will work, no luck.

    I am deploying Windows 10 Enterprise Build 1709.

    If you need to me to post the actual XML content of both files, let me know and I will do so.

    Any help at this point would be greatly appreciated.
      My Computer

  2. Posts : 4
    Windows 10 LTSB
    Thread Starter


    I found a work around for this by using a script under C:\Windows\Setup\Scripts\SetupComplete.cmd file.

    When windows is done setting up, it will look through the scripts folder to find a SetupComplete.cmd file, if it finds one, it will execute the file.

    SetupComplete.cmd calls the joindomain.ps1 powershell script:

    powershell.exe -nologo -executionpolicy bypass -noprofile -file "C:\Windows\Setup\Scripts\jd.ps1"

    By default, powershell does not allow running custom PS scripts, which is why we need to bypass it.

    Joindomain.ps1 joins a computer to the domain:

    $domain = "test.com"
    $password = "Mypass" | ConvertTo-SecureString -asPlainText -Force
    $username = "$domain\administrator"
    $credential = New-Object System.Management.Automation.PSCredential($username,$password)
    add-computer -Credential $credential -DomainName $domain -OUPath $ouPath -restart -force
    powershell -noprofile -command "&{ start-process powershell -ArgumentList '-noprofile -file C:\Windows\Setup\Scripts\joindomain.ps1' -verb RunAs}"

      My Computer

  3. Posts : 1

    I know this is an old thread but I had similar issues and this might help you or others that come across this thread. If you go into the properties of the computer account in Active Directory that WDS created and select the security tab you might find that Domain Admins are denied to change or reset passwords. If you grant access to the Domain Admins then the computers will join the domain. You have to do this to all the created computer accounts. Not sure if you can do this on the OU and reset the child objects. I never tried. This only started to happen when computers started coming out with UFI. Thats why you will see a lot of questions about this relating to a batch of new computers.
      My Computer


  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 15:02.
Find Us

Windows 10 Forums