Sean
asked on
Powershell/Vb Script to rename PC and add to a domain using encrypted domain credentials
Hello,
I need a script to rename a computer and join it to the domain. I need the domain credentials to be encrypted since this task is being out sourced.
Thank you
I need a script to rename a computer and join it to the domain. I need the domain credentials to be encrypted since this task is being out sourced.
Thank you
ASKER
Cristian ,
Thank you. Will try it and provide feedback asap.
Sean
Thank you. Will try it and provide feedback asap.
Sean
Sean,
Re-reading the sample code, I found a mistake:
$password = Read-Host -Prompt "Enter password for $user" -AsSecureString
Thinking faster than I type :)
Correct the line in:
$password = Read-Host -Prompt "Enter password for $password" -AsSecureString
Re-reading the sample code, I found a mistake:
$password = Read-Host -Prompt "Enter password for $user" -AsSecureString
Thinking faster than I type :)
Correct the line in:
$password = Read-Host -Prompt "Enter password for $password" -AsSecureString
You can delegate the domain join permissions to a normal account on a particular OU.
This is safer.
If the account you are using above is a domain admin then you are at risk even with an encrypted password.
This is safer.
If the account you are using above is a domain admin then you are at risk even with an encrypted password.
ASKER
Nagendra,
trying your suggestion also. Will provide feedback.
Thank you very much
Sean
trying your suggestion also. Will provide feedback.
Thank you very much
Sean
ASKER
Cristian,
Have some issues that I need to work out with your script. I am looking for a script that would only ask for the new computer name. The domain credentials should already be in the script. Would be nice to have the password encrypted even-though I am using the "Delegate Control" in AD as Nagendra kindly suggested.
Thanks agian
Sean
Have some issues that I need to work out with your script. I am looking for a script that would only ask for the new computer name. The domain credentials should already be in the script. Would be nice to have the password encrypted even-though I am using the "Delegate Control" in AD as Nagendra kindly suggested.
Thanks agian
Sean
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Cristian,
Does not like "//already encrypted"
Thank you for your time
Sean
Does not like "//already encrypted"
Thank you for your time
Sean
Hi Sean,
Remove that :-) It was a note for you.
Regards
Remove that :-) It was a note for you.
Regards
ASKER
Very sorry for not responding sooner. Some fires that need to be put out first. Will update as soon as possible.
Thanks
Sean
Thanks
Sean
ASKER
Thank you Cristian.
You need to request user's input or you need to have already stored data inside?
If you need to encrypt the data and send it like this you can use this case to encrypt it:
$password = "password" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString
Once encrypt it you use the new variable like this:
$password = "01000000d08c9ddf0115d1118
Otherwise:
To rename use:
$computername = Read-Host -Prompt "Enter computer name $computername"
$domain = "myDomain"
$user = "myUserAccount"
$password = Read-Host -Prompt "Enter password for $user" -AsSecureString
$credential = "$domain\$user"
Rename-computer –newname $computername –domaincredential $credential –force
To add it in AD:
$credentialObject = New-Object System.Management.Automati
Add-Computer -DomainName $domain -Credential $credentialObject