New Question
0

Automate Join Domain for Windows Instance?

asked 2015-12-03 15:33:14 +0200

nalcado gravatar image

updated 2015-12-03 17:10:37 +0200

Hi There, I'd like to ask if there are practices to automate join domain on the windows instances launched from openstack. What do you guys usually do? any working template of unattend.xml to join domain?

I've tried to prepare windows image, install cloudbase init, and sysprep it, and i insert the unattend.xml via openstack configuration drive. However there is no luck, the instance fails to complete the installation, with the Panther setuperr.log like the following (unattended join: netjoindomain attempt failed: 0x35) image description

I encountered this issue specific in automating join domain when deployed from openstack, when i try my unattend.xml directly on the hypervisor, it can do the job.

Below is my unattend.xml

   <?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
 <settings pass="windowsPE">
  <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <InputLocale>0409:00000409</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UILanguageFallback>en-US</UILanguageFallback>
            <UserLocale>en-US</UserLocale>
            <UserData>
                <ProductKey>
                    <Key>VDNYM-JBKJ7-DC4X9-BT3QR-JHRGY</Key>
                    <WillShowUI>Never</WillShowUI>
                </ProductKey>
                <AcceptEula>true</AcceptEula>
                <FullName>VG Admin</FullName>
                <Organization>VinGroup JSC</Organization>
            </UserData>

</component>
</settings>
  <settings pass="generalize">
    <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
    </component>
  </settings>

<settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <UserAccounts>
                <AdministratorPassword>
                    <Value>P@ssw0rd</Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>P@ssw0rd</Value>
                            <PlainText>true</PlainText>
                        </Password>
                        <Description>vgadmin</Description>
                        <DisplayName>vgadmin</DisplayName>
                        <Group>administrators</Group>
                        <Name>vgadmin</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Home</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <SkipUserOOBE>true</SkipUserOOBE>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
            </OOBE>
          </component>
  </settings>
<settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ComputerName>*</ComputerName>
        </component>
        <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <Identification>
                <UnsecureJoin>false</UnsecureJoin>
                <Credentials>
                    <Domain>amd.local</Domain>
                    <Password>P@ssw0rd</Password>
                    <Username>vgadmin</Username>
                </Credentials>
                 <JoinDomain>amd.local</JoinDomain>
            </Identification>
        </component>
    </settings>
</unattend>
edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted
0

answered 2015-12-03 17:30:34 +0200

avladu gravatar image

Hello,

The domain name has to be resolved by a DNS server, which in your case it can be an Active Directory Domain Controller.

One possible solution to this issue(but this depends on your environment setup), is to add the AD Domain Controller ip to your neutron private network dns servers(if applicable).

If you can provide more information on your environment(networking stack used, if you have a dhcp server in the network), it would be helpful to better understand how to solve this issue.

Thanks.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-12-03 15:33:14 +0200

Seen: 2,639 times

Last updated: Dec 03 '15