User Tools

Site Tools


userspace:windows7

This is an old revision of the document!


Domainjoin Windows 7 (32Bit)

Domainjoin with a script

Dieses Script fügt einen Client zu einer Domäne hinzu. Genutzt wird dazu das Powershell Tool Add-Computer
This Script adds a client to a domain. Realized by the powershell-tool 'add-computer'

by tobias

Properties
  • dom - Domäne /domain
  • user - Benutzer zum hinzufügen in die Domäne / User with add-domain-rights
  • password - Passwort des Domänenbenutzers / password of domainadmin

join.ins

[INITIAL]
Message = "Rechner wird zur Domäne hinzugefügt!"
 
[Actions]
DefVar $dom$
DefVar $user$
DefVar $password$
set $dom$ = GetProductProperty("dom", " ")
set $user$ = GetProductProperty("user", " ")
set $password$ = GetProductProperty("password", " ")
PatchTextFile_Create_powershell %scriptpath%\join.ps1
ShellBatch_JoinDom
 
 
[PatchTextFile_Create_powershell]
AddLine  "$secpasswd = ConvertTo-SecureString '$password$' -AsPlainText -Force"
AddLine  '$mycreds = New-Object System.Management.Automation.PSCredential ("$user$", $secpasswd)'
AddLine  'Add-Computer -DomainName "$dom$" -credential $mycreds'
SaveToFile "c:\joinpatched.ps1"
 
[ShellBatch_JoinDom]
set-executionpolicy RemoteSigned
powershell c:\joinpatched.ps1
del c:\joinpatched.ps1

Domainjoin with a Samba PDC

by chewbacca

tested by: Thomas_H 2011/11/21 14:31

1. Step:

Edit the /opt/pcbin/install/win7/custom/unattend.xml:

<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.c
     <Identification>
           <Credentials>
                 <Domain>mynet</Domain>
                 <Password>secret</Password>
                 <Username>Admin</Username>
           </Credentials>
           <DebugJoin>false</DebugJoin>
           <JoinDomain>meinnet</JoinDomain>
           <UnsecureJoin>false</UnsecureJoin>
     </Identification>
</component>

Domain means: the domain the client should be included
Password means: the password of the domainadmin, the account, which is allowed to include clients to the domain.
Username means: the name of the domainadmin.

Beginners please note: if the domainadmin's name (especially in a Samba-Domain) is “DomJoin”, so please enter THIS name, not the name of the admin (normally “Admin) of the client.

Create a file named “join.vbs”:

join.vbs

Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
 
strDomain = "Windowsdomain" ' hier die Windowsdomain
strPassword = "very secret" ' very secret
strUser = "Domainadmin"  ' Domainadmin
 
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
 
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
    strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
        strComputer & "'")
 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE)
 
Set WSHShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "shutdown.exe -r -t 0"
 
Wscript.Quit      

and copy it to /opt/pcbin/install/win7/opsi.

Create a file name “default.reg”

default.reg

Windows Registry Editor Version 5.00
 
;Insert Samba Patch
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
"DomainCompatibilityMode"=dword:00000001
"DNSNameResolutionRequired"=dword:00000000
 
;join Domain at first start
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"firstrun"="wscript.exe \"join.vbs\""

and copy it to /opt/pcbin/install/win7/opsi.

Create a file named “21_reg.cmd”

21_reg.cmd

rem --- Win7samba Patch and Join Script
echo [%date% %time%] copy -s "%script_drive%\opsi\join.vbs" "%SystemRoot%\System32\join.vbs"
copy "%script_drive%\opsi\join.vbs" "%SystemRoot%\System32\join.vbs"
echo [%date% %time%] Executing: regedit /s "%script_drive%\opsi\default.reg"
regedit /s "%script_drive%\opsi\default.reg"

and copy it to /opt/pcbin/install/win7/opsi/postinst.d

Set the rights of all three files to user opsiconfd:pcpatch

Please note: At the moment this solution leaves the “join.vbs” in c:\Windows\system32!

           An automated solution to remove this file when done has to be find. If you have one, please add it here!

—-

userspace/windows7.1321883348.txt.gz · Last modified: 2021/08/23 08:37 (external edit)