setthecat Posted March 25, 2011 Share Posted March 25, 2011 (edited) For a bit of background, I used audit mode to build a pre-activated Windows 7 x64 WIM for my company (around 1500+ computers) and everything is working with the exception of one OOBE page. I cannot get my answer file to join our domain in the default "Computers" OU and skip creating a local user while still prompting for a unique computer name. The unattended join section of my XML:<?xml version="1.0" encoding="utf-8"?><unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="specialize"> <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="________________" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Identification> <Credentials> <Domain>______.com</Domain> <Password>_______</Password> <Username>____________</Username> </Credentials> <DebugJoin>true</DebugJoin> <JoinDomain>______.com</JoinDomain> </Identification> </component> </settings> <cpi:offlineImage cpi:source="wim://_______/windowspartition.wim#____Win7" xmlns:cpi="urn:schemas-microsoft-com:cpi" /></unattend>Is there something I did wrong here?Edit: other than the blanks, had to remove a few things for obvious security reasons. Edited March 25, 2011 by setthecat Link to comment Share on other sites More sharing options...
IcemanND Posted March 26, 2011 Share Posted March 26, 2011 For the user issue you need to add a user account or domain account to the administrators group. I add a domain users group for the support personnel that support the machines.For the issue with joining the OU try specifying the machine object OU.Here is what I use in my answer file: <settings pass="oobeSystem"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <UserAccounts> <DomainAccounts> <DomainAccountList wcm:action="add"> <Domain>mydomain.com</Domain> <DomainAccount wcm:action="add"> <Group>Administrators</Group> <Name>Admin Members</Name> </DomainAccount> </DomainAccountList> </DomainAccounts> </UserAccounts> </component> </settings> <settings pass="specialize"> <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Identification> <Credentials> <Domain>mydomain.com</Domain> <Username>DomainAdmin</Username> <Password>DomainAdminPassword</Password> </Credentials> <JoinDomain>mydomain.com</JoinDomain> <MachineObjectOU>OU=computers,DC=mydomain,DC=com</MachineObjectOU> </Identification> </component> </settings> Link to comment Share on other sites More sharing options...
setthecat Posted March 28, 2011 Author Share Posted March 28, 2011 Ok, no longer creating a local account but still not wanting to joint my domain... <settings pass="specialize"> <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Identification> <Credentials> <Domain>______.com</Domain> <Password>_______</Password> <Username>____________</Username> </Credentials> <DebugJoin>true</DebugJoin> <JoinDomain>______.com</JoinDomain> <MachineObjectOU>OU=computers,DC=______,DC=com</MachineObjectOU> </Identification> </component> <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <RunSynchronous> <RunSynchronousCommand wcm:action="add"> <Order>1</Order> <Path>net user administrator /active:yes</Path> <Description>Admin On</Description> </RunSynchronousCommand> </RunSynchronous> </component> </settings> <settings pass="oobeSystem"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <UserAccounts> <AdministratorPassword> <Value>________________________________________________________________________</Value> <PlainText>false</PlainText> </AdministratorPassword> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>________________________________________</Value> <PlainText>false</PlainText> </Password> <Description>Local Administrator</Description> <DisplayName>Administrator</DisplayName> <Group>Administrators</Group> <Name>Administrator</Name> </LocalAccount> </LocalAccounts> </UserAccounts> <AutoLogon> <Password> <Value>________________________________________</Value> <PlainText>false</PlainText> </Password> <Enabled>true</Enabled> <LogonCount>1</LogonCount> <Username>administrator</Username> </AutoLogon> </component> </settings>Is creation of a domain user during oobe required? And does my username need to be just the username or username@domain.com? I'm not even getting debug errors so I can't tell where it fails or why. Link to comment Share on other sites More sharing options...
IcemanND Posted March 28, 2011 Share Posted March 28, 2011 And the domain user and password used to join are valid on the domain to join a machine to the computers OU. Link to comment Share on other sites More sharing options...
setthecat Posted March 29, 2011 Author Share Posted March 29, 2011 (edited) And the domain user and password used to join are valid on the domain to join a machine to the computers OU.Not quite sure what you mean, but for temporary testing purposes I'm using my own personal credentials.Edit: Ok, maybe I'm just 'tarded... Looks like I had my password in the username field and my username in the password field... Wish I could re-test this without spending an hour reverting to an image I made in audit mode... Edited March 29, 2011 by setthecat Link to comment Share on other sites More sharing options...
IcemanND Posted March 29, 2011 Share Posted March 29, 2011 That is more or less what I meant. That the user account being used had the appropriate domain rights to join a machine to the domain in the computers OU. Essentially can you manually use that account to join a machine is the easiest way to check that.Easier way to test your images, build them in a VM. Dpending upon what VM software you use (my preference is VMWAre Workstation) you have the ability to take snapshots. Then whenyou need to test something you can take a snapshot before hand (take 30ish seconds) test what you need and if it didn't work go back to the snapshot (takes 60ish seconds) and try again. Has saved me many hours when building images. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now