Jump to content


Al25

Windows7\WDS wont Join Domain

Recommended Posts

Hi,

 

I am having issues with a Windows 7 Image joining the domain using WDS.

 

I have followed the automated join as per Microsofts instructions

http://technet.microsoft.com/en-us/library/cc730845(v=ws.10).aspx

 

Ideally I would like the machine to join the domain automatically without presaging in AD.

 

When I run the PXE boot everything seems to run perfectly apart from the "unattended Join" which it seems to skip.

 

See my answer file below;

 

 

 

<?xml version="1.0" encoding="utf-8"?>

<unattend xmlns="urn:schemas-microsoft-com:unattend">

<settings pass="specialize">

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<RegisteredOwner>*****</RegisteredOwner>

<RegisteredOrganization>****</RegisteredOrganization>

<TimeZone>GMT Standard Time</TimeZone>

<ComputerName>*</ComputerName>

</component>

<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<Identification>

<Credentials>

<Domain></Domain>

<Password></Password>

<Username></Username>

</Credentials>

<UnsecureJoin>True</UnsecureJoin>

<JoinDomain>****.****.****.****</JoinDomain>

</Identification>

</component>

</settings>

<settings pass="oobeSystem">

<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<InputLocale>en-uk</InputLocale>

<SystemLocale>en-uk</SystemLocale>

<UILanguage>en-uk</UILanguage>

<UserLocale>en-uk</UserLocale>

</component>

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<OOBE>

<HideEULAPage>true</HideEULAPage>

<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>

<NetworkLocation>Work</NetworkLocation>

</OOBE>

<UserAccounts>

<AdministratorPassword>

<Value>UABhAHMAcwB3AG8AcgBkADEAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBQAGEAcwBzAHcAbwByAGQA</Value>

<PlainText>false</PlainText>

</AdministratorPassword>

<LocalAccounts>

<LocalAccount wcm:action="add">

<Password>

<Value>UABhAHMAcwB3AG8AcgBkADEAUABhAHMAcwB3AG8AcgBkAA==</Value>

<PlainText>false</PlainText>

</Password>

<Description>Local Account</Description>

<Group>Administrators</Group>

<Name>Administrator</Name>

</LocalAccount>

</LocalAccounts>

</UserAccounts>

<RegisteredOwner />

</component>

</settings>

<cpi:offlineImage cpi:source="wim:e:/windows7.wim#Windows7" xmlns:cpi="urn:schemas-microsoft-com:cpi" />

</unattend>

 

Any help much appreciated, fingers crossed it something simple I have missed.

Share this post


Link to post
Share on other sites


Could it be that you did not specify te OU in the XML: <MachineObjectOU>OU=MyOu,DC=MyDom,DC=MyCompany,DC=com</MachineObjectOU>

Put it beneath the join domain line.

 

 

 

Also, your region/language settngs are not quite right, not that it's relevant to your domain join issue:

<InputLocale>en-gb</InputLocale>

<SystemLocale>en-gb</SystemLocale>

<UILanguage>en-us</UILanguage>

<UserLocale>en-gb</UserLocale>

Share this post


Link to post
Share on other sites

I assumed it would automatically place it in the computers container if this field was empty. I have updated the file and no change, still no domain Join :wacko:

 

P.s Thanks for the heads up I would have missed that because of this Domain issue :)

 

 

<?xml version="1.0" encoding="utf-8"?>

<unattend xmlns="urn:schemas-microsoft-com:unattend">

<settings pass="specialize">

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<RegisteredOwner>***</RegisteredOwner>

<RegisteredOrganization>****</RegisteredOrganization>

<TimeZone>GMT Standard Time</TimeZone>

<ComputerName>*</ComputerName>

</component>

<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<Identification>

<Credentials>

<Domain></Domain>

<Password></Password>

<Username></Username>

</Credentials>

<UnsecureJoin>True</UnsecureJoin>

<JoinDomain>****.*****.****.***</JoinDomain>

<MachineObjectOU>OU=TestOU,DC=****,DC=*****,DC=****,DC=Com</MachineObjectOU>

</Identification>

</component>

</settings>

<settings pass="oobeSystem">

<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<InputLocale>en-uk</InputLocale>

<SystemLocale>en-uk</SystemLocale>

<UILanguage>en-uk</UILanguage>

<UserLocale>en-uk</UserLocale>

</component>

<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<OOBE>

<HideEULAPage>true</HideEULAPage>

<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>

<NetworkLocation>Work</NetworkLocation>

</OOBE>

<UserAccounts>

<AdministratorPassword>

<Value>UABhAHMAcwB3AG8AcgBkADEAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBQAGEAcwBzAHcAbwByAGQA</Value>

<PlainText>false</PlainText>

</AdministratorPassword>

<LocalAccounts>

<LocalAccount wcm:action="add">

<Password>

<Value>UABhAHMAcwB3AG8AcgBkADEAUABhAHMAcwB3AG8AcgBkAA==</Value>

<PlainText>false</PlainText>

</Password>

<Description>Local Account</Description>

<Group>Administrators</Group>

<Name>Administrator</Name>

</LocalAccount>

</LocalAccounts>

</UserAccounts>

<RegisteredOwner />

</component>

</settings>

<cpi:offlineImage cpi:source="wim:e:/windows7.wim#Windows7" xmlns:cpi="urn:schemas-microsoft-com:cpi" />

</unattend>

 

Any other Ideas Welcome?

 

Thanks

Share this post


Link to post
Share on other sites

You may be correct about joinbting the computers OU. I know in SCCM/OSD it would not like that. The UnsecreJoin is not something I'm familiar with using, although I know what it's supposed to do.

 

As a test, why not leave out the UnsecureJoin and give the XML all the required credentials to join the domain (OU, domain, user, password, etc.) and work backwards from there. I'm not in a position to test this method myself right now, so I can't provide much more insight.

Share this post


Link to post
Share on other sites

According to the TechNet article that you linked, unsecure join tries to join the domain without credentials. Set unsecurejoin=False and then it should use the credentials in the unattend file to join the domain. So, your unattend file is trying to join the domain without the credentials being used. This TechNet article should help clarify that for you, and points out that if you are intentionally using unsecurejoin=True, then you do not create the settings for Username, password and domain under the credentials section.

 

 

I would also like to add that the Microsoft Deployment Toolkit can be a great help with deploying Windows Operating systems. You do not have to set things like domain join in the unattend file, because you set it in the task sequence in MDT and MDT passes the information into the deployment process for you.

 

Hope this helps,

David

Windows Outreach Team - IT Pro

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...