 | 1 | initial version |
Hello,
The domain join is possible with cloudbase-init. There are a few ways to achieve this, depending on what are your security requirements.
You can use the userdata or local scripts plugin to perform the domain join, but in this case the domain join username and password is exposed in clear text.
Another way is to use the offline domain join: https://docs.microsoft.com/en-us/windows-server/remote/remote-access/directaccess/directaccess-offline-domain-join . In this case you need to create externally the domain job blob for each machine and then set it in the userdata / local scripts, which can be cumbersome.
You can use the sysprep domain join, where you set the domain join credentials in the specialize section of the Unattend.xml used for sysprep. This has the issue of changing the hostname afterward.
A good trade off would be to use local scripts plugin, which executes a cmd or PS file from the image at boot. In the local script you can use the credentials in plain text to join the domain and then you remove the local script from the local's script code itself. Still, the plaintext credentials can be exposed if your script fails.
This questions has been already answered here too: https://ask.cloudbase.it/question/2467/autodomain-join/
Thank you,
Adrian Vladu
© 2014-2023 Cloudbase Solutions Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
