Solved

Script to join domain....

Posted on 2012-04-02
Last Modified: 2016-11-23
Hi experts,

I'm hoping you can assist. I'm after a script I can run that will automatically join a machine to a domain. Basically, we are using Dell KACE to pull down our image to the machine; I then want the tech to just click on a .vbs or .bat file and input the computer name, which I will prestage in advance, and reboot, and that's it.

Can you assist...

Craig
Question by:craigleenz
12 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37795441
0
 
LVL 21

Expert Comment

by:motnahp00
ID: 37795559
I cannot access the URL by Anuroopsundd, but here's something you can try:

netdom join %computername% /domain:companyabc.com /userd:administrator /passwordd:MySecretPassword & shutdown /r /t 0
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 37800782
This is a generic version of a live VBScript I wrote to use with some error checking and retrying.  This method is very successful in our environment.

Because I have amended it to make it generic, I may have introduced a bug because I haven't tested this version at this time.

Hope this helps,
Daz.

strDomain = "yourdomain.com"
strUser   = "domjoinuser"   '# use a restricted user account that only has rights to join the domain.
strPass   = "notsosecretpassword"
strOUDN   = ""  '# or set to specific OU DN e.g.  "OU=Computers,OU=Paris,DC=yourdomain,DC=com"

strComputername = InputBox("Enter computer name:","Computername")
If strComputername = "" Then WScript.Quit

'# Retry 5 times with 30 second intervals if 1722 is returned (The RPC server is unavailable).
intCount = 0
Do
    intCount = intCount + 1
    ret = fJoinDomain()
    If ret = 1722 And intCount < 5 Then
        WScript.Sleep 30000  '# Wait 30 seconds.
    Else
        Exit Do
    End If
Loop

MsgBox "Domain Join return: " & ret
WScript.Quit ret

Function fJoinDomain()
    'On Error Resume Next
    Const JOIN_DOMAIN = 1
    Const ACCT_CREATE = 2
    Dim oComputer, ret

    Set oComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & strComputername & "\root\cimv2:Win32_ComputerSystem.Name='" & strComputername & "'")
    ErrCheck Err.Number <> 0, Err.Number, "Error connecting to local computer via WMI: " & Err.Number & " - " & Err.Description
    ret = oComputer.JoinDomainOrWorkGroup(strDomain, strPass, strDomain & "\" & strUser, strOUDN, JOIN_DOMAIN + ACCT_CREATE)
    ErrCheck Err.Number <> 0, Err.Number, "Error attempting to join Domain '" & strDomain & "': " & Err.Number & " - " & Err.Description
    If ret = 2224 Then '# Account already exists, try again without creating account ...
        ret = oComputer.JoinDomainOrWorkGroup(strDomain, strPass, strDomain & "\" & strUser, strOUDN, JOIN_DOMAIN)
        ErrCheck Err.Number <> 0, Err.Number, "Error attempting to join Domain '" & strDomain & "': " & Err.Number & " - " & Err.Description
    End If
    ErrCheck ret <> 0, ret, "Failed to join Domain '" & strDomain & "'. Return: " & ret & " - " & fGetWMIError(ret)

    If Err.Number <> 0 Then ret = Err.Number
    fJoinDomain = ret
End Function

Function fGetWMIError(intError)
    Dim tmp
    Select Case intError
        Case 0    tmp = "Successful completion, no reboot required."
        Case 1    tmp = "Successful completion, reboot required."
        Case 2    tmp = "Invalid OU parameter."
        Case 5    tmp = "Access Denied."
        Case 73   tmp = "Invalid domain name."
        Case 74   tmp = "Invalid host name."
        Case 86   tmp = "Frame or network number bounds error."
        Case 87   tmp = "Invalid frame type."
        Case 91   tmp = "Access denied."
        Case 93   tmp = "Already exists."
        Case 94   tmp = "Path, file, or object not found."
        Case 95   tmp = "Unable to notify service."
        Case 96   tmp = "Unable to notify DNS service."
        Case 97   tmp = "Interface not configurable."
        Case 98   tmp = "Not all DHCP leases can be released or renewed."
        Case 100  tmp = "DHCP not enabled on adapter."
        Case 1003 tmp = "Unable to create object - check joining account has permissions to create computers in the OU."
        Case 1326 tmp = "Logon failure: unknown user name or bad password."
        Case 1355 tmp = "The specified domain either does not exist or could not be contacted."
        Case 1722 tmp = "The RPC server is unavailable"
        Case 1909 tmp = "The '" & strDomain & "\" & strUser & "' account is locked out."
        Case 2224 tmp = "The account is already existing on the domain."
        Case 2240 tmp = "Check the joining account has permissions to log on."
        Case 2691 tmp = "This computer is already a Domain member."
        Case Else tmp = "Unknown error: " & intError
    End Select
    fGetWMIError = tmp
End Function

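Sub ErrCheck(blTest, iErrNum, sMsg)
    If blTest <> True Then Exit Sub
    'MsgBox sMsg, vbCritical + vbSystemModal, "ERROR"
    '# wshShell was never created in the script, so create the shell object here before logging.
    CreateObject("WScript.Shell").LogEvent 1, "Error " & iErrNum & ": " & sMsg
End Sub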


0
 

Author Comment

by:craigleenz
ID: 37831822
Sorry, the above just doesn't work. I'm not a scripting person per se; something straightforward is all I'm after.
0
 
LVL 21

Expert Comment

by:motnahp00
ID: 37832042
Have you tried this craig?

netdom join %computername% /domain:companyabc.com /userd:administrator /passwordd:MySecretPassword & shutdown /r /t 0
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 37832755
Hi Craig,

Could you please be a bit more specific: when you say the script I provided doesn't work, what is the error, or message contents?


I designed it to be as simple as possible: after amending the key details in the first 4 lines (and saving as a .vbs script), all you need to do is literally double-click the vbs, enter the computername, and go.

Regards,
Darren.
0
 

Author Comment

by:craigleenz
ID: 37835278
@ motnahp00, thanks, but your suggestion does not work unfortunately,
@ Daz, thank you too, but all I get is an error saying "The remote server machine does not exist or is unavailable" "GetObject"
Code: 800A01CE
Also I want the machine to restart once this is done
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 37837241
I think that I responded in haste without completely thinking this through.

Is the computer already the correct name, or did you want the script to rename the computer first and then join it to the domain?  

Daz.
0
 
LVL 12

Accepted Solution

by:
Daz_1234 earned 500 total points
ID: 37837377
If you did want a rename and join domain all-in-one, it is below.  As before, change the info at the top to your details.  I have not got a test rig available at the moment until Monday, so if there are any bugs, we'll troubleshoot them.

Daz.

Dim oComputer, strDomain, strUser, strPass, strOUDN, ret, strComputername, oWMI, intCount

strDomain = "yourdomain.com"
strUser   = "domjoinuser"   '# use a restricted user account that only has rights to join the domain.
strPass   = "notsosecretpassword"
strOUDN   = ""  '# or set to specific OU DN e.g.  "OU=Computers,OU=Paris,DC=yourdomain,DC=com"

strComputername = InputBox("Enter computer name:","Computername")
If strComputername = "" Then WScript.Quit

'# Rename Computer & join domain
Set oWMI = GetObject("winmgmts:\\.\root\cimv2")
For Each oComputer in oWMI.InstancesOf("Win32_ComputerSystem")
    ret = oComputer.Rename(strComputername)
    If ret <> 0 Then
        Wscript.Echo "Rename failed. Return = " & ret & vbcrlf & "Exiting script."
        WScript.Quit ret  '# actually stop here, as the message says
    End If

    '# Join Domain:  Retry 5 times with 30 second intervals if 1722 is returned (The RPC server is unavailable).
    intCount = 0
    Do
        intCount = intCount + 1
        ret = fJoinDomain()
        If ret = 1722 And intCount < 5 Then
            WScript.Sleep 30000  '# Wait 30 seconds.
        Else
            Exit Do
        End If
    Loop
    Exit For
Next

MsgBox "Domain Join return: " & ret
WScript.Quit ret

Function fJoinDomain()
    On Error Resume Next
    Const JOIN_DOMAIN = 1
    Const ACCT_CREATE = 2
    Dim ret

    ErrCheck Err.Number <> 0, Err.Number, "Error connecting to local computer via WMI: " & Err.Number & " - " & Err.Description
    ret = oComputer.JoinDomainOrWorkGroup(strDomain, strPass, strDomain & "\" & strUser, strOUDN, JOIN_DOMAIN + ACCT_CREATE)
    ErrCheck Err.Number <> 0, Err.Number, "Error attempting to join Domain '" & strDomain & "': " & Err.Number & " - " & Err.Description
    If ret = 2224 Then '# Account already exists, try again without creating account ...
        ret = oComputer.JoinDomainOrWorkGroup(strDomain, strPass, strDomain & "\" & strUser, strOUDN, JOIN_DOMAIN)
        ErrCheck Err.Number <> 0, Err.Number, "Error attempting to join Domain '" & strDomain & "': " & Err.Number & " - " & Err.Description
    End If
    ErrCheck ret <> 0 And ret <> 1, ret, "Failed to join Domain '" & strDomain & "'. Return: " & ret & " - " & fGetWMIError(ret)

    If Err.Number <> 0 Then ret = Err.Number
    fJoinDomain = ret
End Function

Function fGetWMIError(intError)
    Dim tmp
    Select Case intError
        Case 0    tmp = "Successful completion, no reboot required."
        Case 1    tmp = "Successful completion, reboot required."
        Case 2    tmp = "Invalid OU parameter."
        Case 5    tmp = "Access Denied."
        Case 73   tmp = "Invalid domain name."
        Case 74   tmp = "Invalid host name."
        Case 86   tmp = "Frame or network number bounds error."
        Case 87   tmp = "Invalid frame type."
        Case 91   tmp = "Access denied."
        Case 93   tmp = "Already exists."
        Case 94   tmp = "Path, file, or object not found."
        Case 95   tmp = "Unable to notify service."
        Case 96   tmp = "Unable to notify DNS service."
        Case 97   tmp = "Interface not configurable."
        Case 98   tmp = "Not all DHCP leases can be released or renewed."
        Case 100  tmp = "DHCP not enabled on adapter."
        Case 1003 tmp = "Unable to create object - check joining account has permissions to create computers in the OU."
        Case 1326 tmp = "Logon failure: unknown user name or bad password."
        Case 1355 tmp = "The specified domain either does not exist or could not be contacted."
        Case 1722 tmp = "The RPC server is unavailable"
        Case 1909 tmp = "The '" & strDomain & "\" & strUser & "' account is locked out."
        Case 2224 tmp = "The account is already existing on the domain."
        Case 2240 tmp = "Check the joining account has permissions to log on."
        Case 2691 tmp = "This computer is already a Domain member."
        Case Else tmp = "Unknown error: " & intError
    End Select
    fGetWMIError = tmp
End Function

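Sub ErrCheck(blTest, iErrNum, sMsg)
    If blTest <> True Then Exit Sub
    'MsgBox sMsg, vbCritical + vbSystemModal, "ERROR"
    '# wshShell was never created in the script, so create the shell object here before logging.
    CreateObject("WScript.Shell").LogEvent 1, "Error " & iErrNum & ": " & sMsg
End Sub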


0
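
The scripts in this thread keep the join account's password in clear text in the script file. The same rename-and-join procedure with the credential prompted for at run time, as an added PowerShell example that is not part of the thread: it assumes PowerShell 3.0 or later run elevated, reuses the thread's placeholder domain, and Test-ComputerName is a hypothetical helper name.

```powershell
# Added example, not from the thread. Run elevated on the freshly imaged machine.
$Domain = 'yourdomain.com'   # placeholder from the thread
$OUPath = ''                 # or e.g. 'OU=Computers,OU=Paris,DC=yourdomain,DC=com'

# Hypothetical helper: 1-15 chars, letters/digits/hyphens, no leading or
# trailing hyphen, not digits only.
function Test-ComputerName {
    param([string]$Name)
    return $Name -match '^(?!\d+$)[A-Za-z0-9]([A-Za-z0-9-]{0,13}[A-Za-z0-9])?$'
}

$NewName = (Read-Host 'Enter computer name').Trim()
if (-not (Test-ComputerName $NewName)) {
    Write-Error "'$NewName' is not a valid computer name."
    exit 1
}

# Wait for the domain to resolve before sending any credentials: up to 5 checks,
# 30 seconds apart. Retrying the join itself with a mistyped password could
# lock the join account out.
$reachable = $false
for ($try = 1; $try -le 5 -and -not $reachable; $try++) {
    try {
        [void][System.Net.Dns]::GetHostAddresses($Domain)
        $reachable = $true
    } catch {
        Write-Warning "Attempt ${try}: cannot resolve $Domain"
        if ($try -lt 5) { Start-Sleep -Seconds 30 }
    }
}
if (-not $reachable) { exit 2 }

# The technician types the join account's password; it is held as a
# SecureString inside the PSCredential and never written to the script file.
$Cred = Get-Credential -Message "Account with rights to join computers to $Domain"

$joinArgs = @{ DomainName = $Domain; Credential = $Cred; ErrorAction = 'Stop' }
if ($OUPath) { $joinArgs.OUPath = $OUPath }
if ($NewName -ne $env:COMPUTERNAME) { $joinArgs.NewName = $NewName }

try {
    Add-Computer @joinArgs -Restart   # renames, joins, then reboots
} catch {
    Write-Error "Domain join failed: $($_.Exception.Message)"
    exit 3
}
```

Exit codes 1 to 3 are this example's own convention, so the imaging tool can tell a bad name, an unreachable domain and a failed join apart.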
 

Author Comment

by:craigleenz
ID: 37839243
thanks Daz, will give this a try when I get to the office later.
0
 

Author Closing Comment

by:craigleenz
ID: 37857454
The script requires a lot more tweaking and is still flaky; I will award the points on the basis that it's the closest I've got to getting a script.
0
 
LVL 12

Expert Comment

by:Daz_1234
ID: 37857578
I would have been more than happy to keep working with you on this to get you a result you were completely happy with.  It is difficult to create a script that is suitable for your environment in one hit and it is normal that a solution can take a bit of tweaking and amending before it is perfect.

I am sorry you are leaving this question when you are not completely satisfied.

Good luck,
Daz.
0
