Jay Thomas

<div>
But, I I'd like to use a service account to get the pc joining the domain. So, I know I can use the above example using the service account service principal, but of course I am asked for a password, which I don't know. I know i'm missing something here at it may well be easy, how can I get around this? Any tips appreciated. You need the service account password. Sean just showed you how to quasi securely use the credential.
</div>

<div>
<blockquote>
But, I I'd like to use a service account to get the pc joining the domain
</blockquote>
Daevyd, OP will have to save the password and reuse it later within his script, this way it will not prompts the user for credentials. That password will be the password of the service account with the appropriate rights to join a computer to the domain. 
 

<blockquote>
but of course I am asked for a password, which I don't know
</blockquote>
Nothing can be done is AD without credentials
</div>

<div>
[I know, there is an easier way to do this now, but I've already built scripts for it.] 
 
Whenever I create VMs in Azure, I always run a script that sets up the VM for me: 
 

<pre><code class="code-10 nolinks" id="code-20-42796259-1">$baseFileName = Split-Path -Leaf -Path $fileName
$error.Clear()
Set-AzureStorageBlobContent -Container $containerName -File $fileName -Blob $baseFileName -Context $storagecontext -Force

$error.Clear()
$global:customScript = Set-AzureRmVMCustomScriptExtension `
 -ResourceGroupName $rgName `
 -Location $location `
 -VMName $vmName `
 -Name $scriptName `
 -StorageAccountName $saName `
 -StorageAccountKey $saKey `
 -ContainerName $containerName `
 -FileName $baseFileName `
 -Run $baseFileName `
 -Argument &quot;$forestName $dcName $adminUser $adminPass&quot; `
 -ErrorAction SilentlyContinue
</code></pre>
 
And these scripts take their parameters so that I can do things like join the domain: 

<pre><code class="code-10 nolinks" id="code-20-42796259-2">Param(
	[String] $forestName,
	[String] $server,
	[String] $user,
	[String] $password
)

function wv
{
 $s = $args -join ''
 write-verbose $s
}

 ## Join the domain
	## secureStrings and credentials are not easily portable between computers
	$netbios = if( ( $i = $forestName.IndexOf( '.' ) ) -gt 0 ) { $forestName.SubString( 0, $i ) } else { $forestName }
	$user = $netbios + '\' + $user
	$sec = ConvertTo-SecureString -String $password -AsPlainText -Force
	$cred = New-Object System.Management.Automation.PSCredential( $user, $sec )
	wv &quot;Startup-Server: Created pscredential for user '$user' passsword '$password'&quot;

	Start-Sleep -Seconds 2
	$count = 0
	$attemptLimit = 5
	while( $count -lt $attemptLimit )
	{
		$count++

		$error.Clear()
		Add-Computer `
			-DomainName $netbios `
			-Server $server `
			-Credential $cred `
			-Force `
			-ErrorAction SilentlyContinue
		if( $? )
		{
			wv &quot;Startup-Server: Join domain '$netbios' success&quot;
			break
		}

		wv &quot;Startup-Server: Join domain '$netbios' failed. Error: $( $error[0].ToString() )&quot;
		Start-Sleep -Seconds 30
	}

	if( $count -gt 0 ) 
	{
		wv &quot;Startup-Server: Executed Add-Computer (to join domain $netbios) $count time(s)&quot;
		if( $count -ge $attemptLimit )
		{
			wv &quot;Could not join domain $netbios. Returning failure.&quot;
			exit 1
		}
	}

	exit 0
</code></pre>
</div>

<div>
<div class="content wysiwyg-content">
Script help 
I have a test script I run from on-prem which builds a VM in Azure and then connects to the domain. 
I use Login-AzureRmAccount in the script to prompt the user to enter the username and password. 
 
Part of my script also joins the PC to the domain using &quot;add-computer –domainname ad.contoso.com -Credential AD\adminuser -restart –force and press Enter&quot; 
The user is then asked to enter a password. 
 
But, I I'd like to use a service account to get the pc joining the domain. So, I know I can use the above example using the service account service principal, but of course I am asked for a password, which I don't know. I know i'm missing something here at it may well be easy, how can I get around this? Any tips appreciated. 
Thanks
</div>
</div>

Script help
I have a test script I run from on-prem which builds a VM in Azure and then connects to the domain. 
I use Login-AzureRmAccount in the script to prompt the user to enter the username and password. 

Part of my script also joins the PC to the domain using "add-computer –domainname ad.contoso.com -Credential AD\adminuser -restart –force and press Enter"
The user is then asked to enter a password. 

But, I I'd like to use a service account to get the pc joining the domain. So, I know I can use the above example using the service account service principal, but of course I am asked for a password, which I don't know. I know i'm missing something here at it may well be easy, how can I get around this? Any tips appreciated.
Thanks

script issue with joining a pc to domain

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

Virtualization is the act of creating a virtual (rather than actual) version of something, including (but not limited to) a virtual computer hardware platform, operating system (OS), storage device, or computer network resources. Virtualization is usually the creation of a system that executes separate from the underlying hardware resources, or the creation of an entire desktop for systems located elsewhere, similar to thin clients.

Virtualization

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.