Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, March 5, 2020 7:50 AM
Hi!
I'm trying to execute a PS1 script after deployment of a server. This PS1 script is fired using SetupComplete.cmd.
$domain= "ourdomain.local"
$password= "password" | ConvertTo-SecureString -asPlainText -Force
$user= "$domain\domainadminuser"
$cred= New-Object System.Management.Automation.PSCredential($user,$password)
$server= "dc.ourdomain.local"
$oupath= "OU=Windows 2019 Servers,OU=Member Servers,OU=Resources,OU=Data,DC=ourdomain,DC=local"
Add-Computer -DomainName $domain -OUPath $oupath -Credential $cred
#pull info to add computer to correct local groups
$group= Get-ADGroup "CN=Standard Servers,OU=Server,OU=Groups,OU=Resources,OU=Data,DC=ourdomain,DC=local" –Server $server
$hostname= hostname
$computerName= Get-ADComputer $hostname –Server $server
#add computer to local group
Add-ADGroupMember $group -Member $computerName -Server $server -Credential $cred
Restart-Computer
The script joins the domain in the right OU - check! But trying to add the server to a specified security group, it fails. I get a "Get-ADGroup : The server has rejected the client credentials
All replies (5)
Thursday, March 5, 2020 9:21 AM ✅Answered
You need two scripts. This is the one that joins the domain:
$domain = 'ourdomain.local'
$password = 'password' | ConvertTo-SecureString -asPlainText -Force
$user = '$domain\domainadminuser'
$cred = New-Object System.Management.Automation.PSCredential($user, $password)
$oupath = 'OU=Windows 2019 Servers,OU=Member Servers,OU=Resources,OU=Data,DC=ourdomain,DC=local'
Add-Computer -DomainName $domain -OUPath $oupath -Credential $cred -Restart
After the computer restarts run the following from any computer in the domain as a doman in admin.
#pull info to add computer to correct local groups
$computer = Get-ADComputer $env:COMPUTERNAME
Add-ADGroupMember -Member $computer -Identity 'CN=Standard Servers,OU=Server,OU=Groups,OU=Resources,OU=Data,DC=ourdomain,DC=local'
\(ツ)_/
Thursday, March 5, 2020 9:02 AM
You cannot add a computer to a group or use domain credentials until you join the domain and reboot the computer. Afte4r the computer is restarted then it can be added to the group.
\(ツ)_/
Thursday, March 5, 2020 9:07 AM
But if I try to run the script after the server is joined....and just try the "Add to Group" part, I get the same result :-(
Thursday, March 5, 2020 9:10 AM
Get rid of the follow2ing and try again:
" –Server $server"
\(ツ)_/
Thursday, March 5, 2020 9:42 AM
GREAT! Thank you!!!