janhoedt
asked on
Creating VM W10 domain joined (sequencer), Powershell
Hi,
I'd need a jumpstart for creating a domain joined W10 VM on VMWare VSphere, using Powershell.
I have a VM which was domain joined (meanwhile lost its domain trust, but that shouldn't matter I guess?), then I used following lines
New-OSCustomizationSpec -Name $OSCustSpecName -FullName $OsCustSpecFullname -OrgName $OrgName `
-OSType Windows -ChangeSid -AdminPassword (Read-Host -AsSecureString) -Domain $Domain -DomainCredentials (Get-Credential)
#########
$OSSpecs = Get-OSCustomizationSpec -Name $OSCustSpecName
$VMTemplate = Get-Template -Name $VMTemplateName
#########
New-VM -Name $VMName -Template $VMTemplate -OSCustomizationSpec $OSSpec -ResourcePool $Resourcepool
Looks fine but just don't have much time, needs to work flawlessly and don't want reinvent warm water and going through mistakes.$
Please advise (f.e. it is a machine which will be reverted continuously to troubleshoot installs, should I set -autologon to 999999, will the KMS be contacted automtically or do I need to configure stuff, isn't there a sysprep needed or does a clone do the work etc).
All input really welcome!
J.
!! UPDATE: the VM was created succesfully, but obviously the domain join was not done, the trust with the domain is still gone, how do I achieve this (domain joined vm)?
I'd need a jumpstart for creating a domain joined W10 VM on VMWare VSphere, using Powershell.
I have a VM which was domain joined (meanwhile lost its domain trust, but that shouldn't matter I guess?), then I used following lines
New-OSCustomizationSpec -Name $OSCustSpecName -FullName $OsCustSpecFullname -OrgName $OrgName `
-OSType Windows -ChangeSid -AdminPassword (Read-Host -AsSecureString) -Domain $Domain -DomainCredentials (Get-Credential)
#########
$OSSpecs = Get-OSCustomizationSpec -Name $OSCustSpecName
$VMTemplate = Get-Template -Name $VMTemplateName
#########
New-VM -Name $VMName -Template $VMTemplate -OSCustomizationSpec $OSSpec -ResourcePool $Resourcepool
Looks fine but just don't have much time, needs to work flawlessly and don't want reinvent warm water and going through mistakes.$
Please advise (f.e. it is a machine which will be reverted continuously to troubleshoot installs, should I set -autologon to 999999, will the KMS be contacted automtically or do I need to configure stuff, isn't there a sysprep needed or does a clone do the work etc).
All input really welcome!
J.
!! UPDATE: the VM was created succesfully, but obviously the domain join was not done, the trust with the domain is still gone, how do I achieve this (domain joined vm)?
Remove and Re-Add. (it's lost it's Domain SID).
ASKER
Domain join is done now but the vm name IN Windows is the template name (vm itself has the correct name).
Thanks for your advise!
Thanks for your advise!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The VMWare Template does not give you an option to do that. You can set the machine name, then domain join, nowhere you can define the machine name.
ASKER
Maybe I could just do a rename-computer when it is already joined, then do a reboot?
ASKER
Tried with sysprep, but then I would need to dive into sysprep and don't feel like doing that honesly. Easily would spend a day to make that work.
ASKER
I think I know what might cause the issue: the template IS already domain joined. Maybe I should first unjoin the template...?
Can't have a template being a domain member, whenever you create VMs from it they'll all have the same SID. You should really sysprep it but at least remove it from the domain.
ASKER
You should really sysprep it but at least remove it from the domain.
That's confusing info. Or you sysprep it or you dont. If you dont, there is a reason, if you do also. You should doesn't help me deciding if I should or not.
That's confusing info. Or you sysprep it or you dont. If you dont, there is a reason, if you do also. You should doesn't help me deciding if I should or not.
ASKER
Note: I always assumed that converting to a template already was sysprepping, what else is the convert used for?
Making it a template just means you can't power it on or edit it, so you'll know it's the same as it was yesterday - a master to clone from. You can make a template out of a Linux VM and it isn't going to sysprep that is it?
ASKER
That leaves the question: use sysprep yes or no.
I have an sccm build of which I created a template, will first disjoin from domain then, afterwards create a template.
Then : sysprep yes or no?
Note: meant the guest os customization, that generaties a sid, so kind of sysprep I guess
I have an sccm build of which I created a template, will first disjoin from domain then, afterwards create a template.
Then : sysprep yes or no?
Note: meant the guest os customization, that generaties a sid, so kind of sysprep I guess
Are you sure? If you did not remove it from AD after the workstation trust went wrong then you can't add it back manually so why would you expect Powershell to be any different?
Does this have anything to do with virtualization, VMware or vSphere? Maybe it should be under Active Directory?