Script to join server to domain when object already exists in active directory

We use SCCM OSD for server deployment.  One of our pre-build steps is for the builder to manually create the computer object in AD and in the appropriate OU.

During the build process using SCCM OSD, I can run scripts to do things.  I want one of those scripts to join the computer to the domain and ignore the fact that the object already exists in AD.  

If the computer object exists in AD and I manually join the computer to the domain, everything works fine.  However when I try and script this using powershell or vbscript, it bombs out because the object is already there.  I don't know why this is the case and I haven't found a workaround for it.

Just to answer the inevitable questions that will arise, we have a very complex OU structure so we can't script adding the servers to one OU because a server could go into one of any of the 30 or so OUs we have.  We deploy a high volume of servers for different business units within the company.  Also, it is far more preferable to have the builders create the objects first rather than letting a script add the servers to the generic Computers OU or some other OU and risk having them forget to move the objects, resulting in issues later on.

I would think there would be a simple piece to add to a script to have it ignore that the object exists and simply join the domain rather than join and create the object.  How can I get around this?  Please provide a full script if you can as I am new to scripting.  I don't care if it's vbscript or powershell.
CMST_user Asked:
 
CMST_user (Author) Commented:
I actually found a script that works perfectly.

Const JOIN_DOMAIN             = 1
Const ACCT_CREATE             = 2
Const ACCT_DELETE             = 4
Const WIN9X_UPGRADE           = 16
Const DOMAIN_JOIN_IF_JOINED   = 32
Const JOIN_UNSECURE           = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET        = 256
Const INSTALL_INVOCATION      = 262144

strDomain   = "DOMAIN"
strPassword = "PASSWORD!"
strUser     = "ACCOUNT"

Set objNetwork = CreateObject("WScript.Network")

strComputer = objNetwork.ComputerName

Set objComputer = _
    GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
    strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" _
    & strComputer & "'")

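' Only JOIN_DOMAIN is passed (ACCT_CREATE is left out), so the join uses the
' computer object that already exists in AD instead of trying to create one.
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _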
    strPassword, _
    strDomain & "\" & strUser, _
    NULL, _
    JOIN_DOMAIN)
0
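
Added example, not part of the original thread: a PowerShell equivalent of the script above that passes only the JOIN_DOMAIN flag, reports the method's return code, and reads the join account from the running task sequence instead of hard-coding it. The domain name `DOMAIN` and the task sequence variable names `DomainJoinUser` and `DomainJoinPassword` are assumptions; the script only works while an SCCM task sequence is running.

```powershell
# Added example. DOMAIN, DomainJoinUser and DomainJoinPassword are
# placeholder names (assumptions), not values from the thread.
$JOIN_DOMAIN = 1   # join only; ACCT_CREATE (2) is deliberately left out

# Win32 error codes the method commonly returns
$reason = @{
    0    = 'Success, reboot required to complete the join'
    5    = 'Access denied (join account lacks rights on the computer object)'
    1326 = 'Logon failure: bad user name or password'
    1355 = 'Domain not found or unreachable'
    2224 = 'Computer account already exists'
    2691 = 'Machine is already joined to a domain'
}

# Read the join account from the task sequence environment so that no
# password is stored in the script file or passed on a command line.
$ts       = New-Object -ComObject Microsoft.SMS.TSEnvironment
$domain   = 'DOMAIN'
$user     = $ts.Value('DomainJoinUser')
$password = $ts.Value('DomainJoinPassword')

# AccountOU is omitted: the object is already in its OU.
$cs     = Get-CimInstance -ClassName Win32_ComputerSystem
$result = Invoke-CimMethod -InputObject $cs -MethodName JoinDomainOrWorkgroup -Arguments @{
    Name         = $domain
    UserName     = "$domain\$user"
    Password     = $password
    FJoinOptions = [uint32]$JOIN_DOMAIN
}

$code = [int]$result.ReturnValue
$text = if ($reason.ContainsKey($code)) { $reason[$code] } else { 'Unlisted Win32 error code' }
Write-Output "JoinDomainOrWorkgroup returned ${code}: $text"

Remove-Variable password
exit $code   # a non-zero exit code fails the task sequence step
```

Return code 2224 is the "object already exists" failure, which appears when ACCT_CREATE is added to the flags; return code 5 points at the permissions of the join account on the pre-created object.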
 
brittonv Commented:
This is due to the script using a different set of credentials than were used to create CO.  

Can you use the same creds for both purposes?  IOW Run script as the same user used to create the CO?
0
 
CMST_user (Author) Commented:
I don't think it has anything to do with the script.  We have a service account setup in the script, but to test I also used my credentials which are domain admin and it bombed out.  The bombing out is 100% due to the object already being in AD.  I don't know how to get a script to ignore that.  I've tried disabling the account but that does nothing.  
0
 
CMST_user (Author) Commented:
Correction - that should say I don't think it has anything to do with the credentials.
0
 
brittonv Commented:
Try creating the Computer Object with the "Service Account" credentials
0
 
RobSampson Commented:
This code uses NetDom.exe to join the computer to the domain, and shouldn't bomb the script out if the object already exists.

Rob.
Set objNetwork = CreateObject("WScript.Network")
Set objShell = CreateObject("WScript.Shell")
strComputerName = objNetwork.ComputerName
strDomain = "YourDomain"
strAdminUser = "AdminUser"
strAdminPass = "AdminPass"
strCommand = "cmd /c NETDOM JOIN " & strComputerName & " /Domain:" & strDomain & " /userD:" & strDomain & "\" & strAdminUser & " /passwordD:" & strAdminPass & " /REBoot:10"
objShell.Run strCommand, 0, True


0
 
CMST_user (Author) Commented:
I ran that script using cscript scriptname.vbs where I pasted that code into a vbs script.  The script did not return any errors, but it did not join the computer to the domain.  It also didn't reboot as the script says so I'm not sure where it got held up.
0
 
RobSampson Commented:
OK, above this:
objShell.Run strCommand, 0, True

put this:
strCommand = InputBox("About to run", "Command", strCommand)

and then when you see that prompt, you can copy and paste that text directly into a command prompt to see what it does.

When you paste it at the command prompt, remove the cmd /c from the front.

Regards,

Rob.
0
 
CMST_user (Author) Commented:
After further research, found a script to do what I need.
0
 
brittonv Commented:
What credential do you use in your script?
0
Question has a verified solution.
