VMware Cloud Community
n8watcher
Contributor
Contributor
‎06-09-2020 07:25 AM

vRA 7.6 software component powershell create OU and join VM fails with exit value 1

Hi together,

hopefully someone could help because I'm getting crazy with this problem.

My plan is to deploy a VM with vRA 7.6 and everything works exept the powershell software component.

This powershell script should only get the variable from custom form and check the AD if OU exists or not, create if not exist and join the VM to domain.

# username password for AD join

$password = "xxx" | ConvertTo-SecureString -asPlainText -Force

$username = "xxx"

$ADcredential = New-Object System.Management.Automation.PSCredential($username,$password)

# Set DomainController for specific Domain

$domainController = (Get-ADDomainController -Domain $Domain -Discover -Writable -SiteName "Backbone").HostName[0].ToString()

try{

Get-ADOrganizationalUnit -Identity $TargetOU -Credential $ADcredential -Server $domainController

}

catch{

New-ADOrganizationalUnit -Name $createOUName -Path "$CreateOUPath" -ProtectedFromAccidentalDeletion $false -Credential $ADcredential -Server $domainController -ErrorAction Ignore

}

#AD join

Add-Computer -DomainName $Domain -OUPath $TargetOU -Credential $ADcredential -Server $domainController -PassThru -Verbose #-Restart

$LASTEXITCODE = 0

$LASTEXITCODE

exit

( code insertion doesn't work as expected 😞 )

What I've checked:

- if the OU exist the PS script is working and join the new VM to the given OU

- when I've changed $createOUPath variable to a static entry the PS script is working and a new OU is created and VM joined to this OU

- when I execute the script locally on a VM template it is working without any error

- I've added $LASTEXITCODE and -ErrorAction Ignore and still getting: "ABORT. Encountered error in Powershell. Error while executing script: Process exited with an error: 1 (Exit value: 1)" but $LASTEXITCODE is shown with value 0?!

So I know that the problem is the $CreateOUPath variable because (as mentioned above) when I'll enter there static entry it works.

Did someone know what I'm doing wrong?

Thank you guys.

0 Kudos
8 Replies
daphnissov
Immortal
Immortal
‎06-09-2020 07:33 AM

Use a Write-Output statement in your catch block just before invoking New-ADOrganizationalUnit. Show the output from a failed run to see what value is present. Also, remove double quotes around that variable as it's not needed.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
n8watcher
Contributor
Contributor
‎06-09-2020 08:24 AM

Hi daphnissov,

I've reworked the script with your recommendations and get following error:

New-ADOrganizationalUnit -Name TestDL28 -Path OU=TEST,DC=test1,DC=test,DC=intern -ProtectedFromAccidentalDeletion False -Credential UserName Password -------- -------- XXXX System.Security.SecureString -Server DC01.test1.test.intern Add-Computer : Computer 'vRAtestAD36' failed to join domain 'test1.test.intern\DC01.test1.test.intern' from its current workgroup 'WORKGROUP' with following error message: The system cannot find the file specified. At C:\Windows\Temp\fea51b03-d7c5-4457-9875-a0a4da41f126\task.ps1:21 char:1 + Add-Computer -DomainName $Domain -OUPath $TargetOU -Credential $ADcre ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OperationStopped: (vRAtestAD36:String) [Add-Comp uter], InvalidOperationException + FullyQualifiedErrorId : FailToJoinDomainFromWorkgroup,Microsoft.PowerShe ll.Commands.AddComputerCommand 0 True ABORT. Encountered error in Powershell. Error while executing script: Process exited with an error: 1 (Exit value: 1)

BR,

Dome

0 Kudos
daphnissov
Immortal
Immortal
‎06-09-2020 09:09 AM

Forgot that with OU distinguished names they do need to be quoted. Change your script in the software component to enclose that variable in single quotes. You may need to wrap that in double quotes to get the variable to expand properly. I always forget what the order is when getting variable expansion to work but also include quotes. It's either

"'myVar'"

or

""myVar""

First is double quotes then single; second is two double quotes.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
n8watcher
Contributor
Contributor
‎06-09-2020 11:14 AM

""myVar"" didn't returned an error message exept from:

ABORT. Encountered error in Powershell. Error while executing script: Process exited with an error: 1 (Exit value: 1)

But VM and OU are created and VM is domain joined but because of error complete deployment faild and VM is decomissioned.

😞 so same as before.

Didn't get it what is here the problem with the OU Path from custom form. As I said when I only change OU path to static it's working:

Write-Output New-ADOrganizationalUnit -Name "TESTDL" -Path "OU=TEST,dc=test1,dc=test,dc=intern" -ProtectedFromAccidentalDeletion $false -Credential $ADcredential -Server $domainController -ErrorAction Ignore

0 Kudos
daphnissov
Immortal
Immortal
‎06-09-2020 11:21 AM

As I said when I only change OU path to static it's working:

What exactly do you mean? Are you saying if you specify the path in the custom form it works when driven through the software component, or if you invoke the PS manually from an interactive session on the deployed VM? The first is significant; the second not so much.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
n8watcher
Contributor
Contributor
‎06-09-2020 10:06 PM

I mean when I write the OU path directly into the software component  and didn't take the variable it works without any error.

So instead of:

Write-Output New-ADOrganizationalUnit -Name ""$createOUName"" -Path ""$CreateOUPath"" -ProtectedFromAccidentalDeletion $false -Credential $ADcredential -Server $domainController -ErrorAction Ignore

I'll fill $CreateOUPath:

Write-Output New-ADOrganizationalUnit -Name ""$createOUName"" -Path ""OU=TEST,dc=test1,dc=test,dc=intern"" -ProtectedFromAccidentalDeletion $false -Credential $ADcredential -Server $domainController -ErrorAction Ignore

The first one creates OU and later join VM to domain but throw the mentioned exit error=1.

The second one works like a charm and complete deployment finished successfully.

Can it be a bug?

0 Kudos
daphnissov
Immortal
Immortal
‎06-10-2020 04:00 AM

Yes, I understand what you mean by populating the variable manually, but that's not what I was last asking. I'm asking how are you then running it? Please explain how you supply this variable manually and it runs successfully. Are you doing it from an interaction session (manually, when logged into the system as a user), or are you supplying that value manually in vRA somewhere (on the form, in a software component property, etc.). Please show me what steps you took. It's not a bug; it's either the value is getting invalid characters somewhere, or it's an environmental issue.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
n8watcher
Contributor
Contributor
‎06-12-2020 05:26 AM

I've solved this. Problem is Get-ADorganizationalunit in addition with -Identity parameter because it will give us an error OU in Active Directory not found if the OU doesn't exist. vRA takes this "error" and give it as exit=1 back and stop the deployment / decomission the VM because of that.

To solve it easily use Get-ADOrganizational Unit with -FIlter parameter.

Thanks for your input.

0 Kudos