Hi PowerCLI experts,
Has anyone had success running add-computer within a Windows guest via Invoke-VMScript to join it to the domain?
I played with this for an hour and a half last night without success.
If someone has made this work, I'd love to know what you did...
Thanks!
Can you post what you were working on so we can build from that or point you in the right direction?
Hi jpsider, well, I tried several things, but the thing I still have open in my PowerShell ISE window is this, (which never returned):
# Single-quoted here-string: $cred must be expanded inside the guest, not on the PowerCLI host
$myscript = @'
$cred = New-Object System.Management.Automation.PsCredential("domain\user", (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force))
Add-Computer -DomainName "mydomain" -Credential $cred -ComputerName mywindowsserver
Restart-Computer
'@
Invoke-VMScript -ScriptText $myscript -vm mywindowsserver -GuestUser administrator -GuestPassword 'P@ssw0rd' -ScriptType Powershell
Thanks,
Mike
how about something like this
$vmLocalUser = "$VMName\ LOCAL USER NAME HERE"
$vmLocalPWord = ConvertTo-SecureString -String "LOCAL PASSWORD HERE" -AsPlainText -Force
$vmLocalCredential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $vmLocalUser, $vmLocalPWord
# This Scriptblock is used to add new VMs to the newly created domain by first defining the domain creds on the machine and then using Add-Computer
$JoinNewDomain = '$DomainUser = "TESTDOMAIN\Administrator";
$DomainPWord = ConvertTo-SecureString -String "Password01" -AsPlainText -Force;
$DomainCredential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $DomainUser, $DomainPWord;
Add-Computer -DomainName TestDomain.lcl -Credential $DomainCredential;
Start-Sleep -Seconds 20;
Shutdown /r /t 0'
Invoke-VMScript -ScriptText $JoinNewDomain -VM $VMName -GuestCredential $vmLocalCredential
I've been using the below snippets in my scripts pretty successfully for some time.
Hope this helps!
The variable $machine is set to the machine name
### get Domain Admin credentials and validate them before moving on
$i=0
do {
    do {
        $cred=$host.ui.PromptForCredential("Enter Domain Admin credentials", "Please enter your Domain Admin user (domainname\username) and password for domain: '$domain'", "", "")
    }until ($cred.username.contains("\"))
    add-Type -AssemblyName System.DirectoryServices.AccountManagement
    $ct = [System.DirectoryServices.AccountManagement.ContextType]::Domain
    $pc = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $ct,$Domain
    $i+=1
    if ($i -eq 3){
        write-host "You've entered your credentials incorrectly three times. This script will now exit to prevent you from locking your account out."
        exit
    }
    #$i
} until ($pc.ValidateCredentials($(if($cred.UserName.Contains("\")) {@($cred.username.Split("\"))[1]}else{$cred.UserName}),$($cred.GetNetworkCredential().password)))
### get local admin credentials
$localcreds=$host.ui.PromptForCredential("Need credentials", "Please enter the local administrator username and password for '$DC'", "$machine\administrator", "")
###add to domain
write-host "Joining to the domain and moving to correct OU" -BackgroundColor Green -ForegroundColor Black
Connect-QADService $domain -Credential $cred
sleep 10
if ((Get-qadcomputer $machine) -eq $null) {
    $ad="netdom join /d:$domain $machine /ud:$($cred.UserName) /pd:$($cred.GetNetworkCredential().password)"
    sleep 20
    invoke-vmscript -vm $machine -scripttext $ad -scripttype bat -guestcredential $localcreds
    sleep 20
    invoke-vmscript -vm $machine -scripttext "restart-computer -force" -scripttype powershell -guestcredential $localcreds -ea SilentlyContinue
    write-host "Note, the 'restart-computer' script often fails. This is actually ok as it means the VM joined the domain and is already rebooting."
}
I am newly active to this community, so if you've found this to be helpful I'd appreciate you clicking the like button.
Cheers!
Thanks, I'll try it out in my environment
Thanks ScottDriver42, I'll try it out
So for my dumb question, I'm new to this. Where do I point it to the VM I am trying to join the domain?
I put ScottDriver42's script in a Join_Domain.ps1 file and ran Join_Domain.ps1 VM1
I entered my domain and local credentials and I received the error below. Any suggestions would be greatly appreciated.
PS C:\!Powershell> .\Join_Domain.ps1 VM1
Joining to the domain and moving to correct OU
Connect-QADService : The term 'Connect-QADService' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the
path is correct and try again.
At C:\!Powershell\Join_Domain.ps1:53 char:1
+ Connect-QADService $domain -Credential $cred
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Connect-QADService:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Get-qadcomputer : The term 'Get-qadcomputer' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path
is correct and try again.
At C:\!Powershell\Join_Domain.ps1:59 char:6
+ if ((Get-qadcomputer $machine) -eq $null) {
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-qadcomputer:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Sorry, the QAD cmdlets are from Quest, which was bought by Dell. I’m not sure if they are still available or not, but I’ve always found them to be more user friendly than the built-in AD cmdlets.
If you can’t find them, DM me and I’ll send you a copy.
Sorry for the difficulties.
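Added example, not part of any post in this thread: the computer-account check and domain join from the script above, using the built-in ActiveDirectory module's Get-ADComputer in place of the Quest cmdlets that produced the CommandNotFoundException. It assumes the ActiveDirectory (RSAT) module and PowerCLI are installed and Connect-VIServer has already been run; Join-GuestToDomain is a hypothetical helper name.

```powershell
# Added example; Join-GuestToDomain is a hypothetical helper, not PowerCLI's or the posters' code.
function Join-GuestToDomain {
    param(
        [Parameter(Mandatory)][string]$Machine,
        [Parameter(Mandatory)][string]$Domain,
        [Parameter(Mandatory)][pscredential]$DomainCredential,
        [Parameter(Mandatory)][pscredential]$GuestCredential
    )
    Import-Module ActiveDirectory -ErrorAction Stop

    # -Filter returns $null when nothing matches; -Identity would throw instead.
    $existing = Get-ADComputer -Filter "Name -eq '$Machine'" -Server $Domain -Credential $DomainCredential
    if ($existing) {
        Write-Host "$Machine already has a computer account in $Domain; skipping join."
        return
    }

    # Double any single quote so the values stay valid inside the guest's
    # single-quoted string literals.
    $user = $DomainCredential.UserName.Replace("'", "''")
    $pass = $DomainCredential.GetNetworkCredential().Password.Replace("'", "''")

    # Double-quoted here-string: $user, $pass and $Domain expand here, on the
    # PowerCLI host. Backtick-escaped variables are left for the guest to resolve.
    $guestScript = @"
`$pw = ConvertTo-SecureString -String '$pass' -AsPlainText -Force;
`$c = New-Object System.Management.Automation.PSCredential -ArgumentList '$user', `$pw;
Add-Computer -DomainName '$Domain' -Credential `$c -Restart -Force
"@

    Invoke-VMScript -VM $Machine -ScriptText $guestScript -ScriptType Powershell -GuestCredential $GuestCredential
}

# Usage with the variables from the script above:
# Join-GuestToDomain -Machine $machine -Domain $domain -DomainCredential $cred -GuestCredential $localcreds
```

Add-Computer's -Restart switch replaces the separate restart-computer call, so there is no second Invoke-VMScript that can fail while the guest is already rebooting.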