Add a Windows server to a domain

HP provides two scripts that can be used for adding a server to a Windows domain. One is used for adding to the domain at OS installation time, and the other is used for adding to the domain once the server is already installed. The two methods for adding a Windows server to a domain are described below.

To add the server to a domain during OS installation:

Use the HP-provided script Inject Windows Domain or Workgroup Personalization Settings as part of an OS deployment job.

This method also injects Windows Active Directory domain or workgroup configuration into the Windows unattend file and is supported only from Windows Server 2008 onwards.

  1. Save a copy of the HP-provided Windows OS Build Plan, changing its name to better reflect the Windows functionality being installed.

  2. After the Inject Personalization Settings step in the OS Build Plan, add the HP-provided script Inject Windows Domain or Workgroup Personalization Settings.

  3. Create DomainName, DomainUser, DomainPassword, and Workgroup custom attributes, as shown in the examples below:

    Category        Example
    DomainName      mydomain.net   # FQDN of your domain
    DomainUser      Aduser         # An AD user with permissions to join workstations to the domain
    DomainPassword  supersecret    # Password for DomainUser
    Workgroup       (optional)

To add a server to a domain after its OS is installed:

Use the HP-provided script Add Windows Server to Domain as part of an OS deployment job.



NOTE: This script uses PowerShell commands. To run on Windows 2008, PowerShell 2.0 needs to be installed.


This step can be used as its own Build Plan or can be added at the end of an OS installation job. The benefit of using this step is that your domain password can be encrypted and will not show up in clear text. The instructions below add this step to the end of an OS installation.

  1. Save a copy of the HP-provided Windows OS Build Plan, changing its name to better reflect the Windows functionality being installed.

  2. At the end of the OS Build Plan, after the last “Wait for HP SA Agent” step, add the HP-provided script Add Windows Server to Domain.

  3. Create DomainFQDN, DomainPassword or EncryptedDomainPassword, DomainUser, DomainName, and Key custom attributes, as shown in the examples below:

    Category                 Example
    DomainFQDN               mydomain.net              # FQDN of your domain
    DomainName                                         # NETBIOS name of your domain
    DomainUser               Aduser                    # An AD user with permissions to join workstations to the domain
    DomainPassword           supersecret               # Password for DomainUser
    EncryptedDomainPassword  76492d1116743f042341      # Encrypted password
    Key                      supersecretpasswordworks  # Key used to generate above password

NOTE: Either the “DomainPassword” custom attribute or the combination of the “EncryptedDomainPassword” and “Key” custom attributes must be provided.

  • “DomainPassword” is stored as plain text. The user can delete it when the Build Plan completes.

  • “EncryptedDomainPassword” stores the encrypted password generated using the key specified in the “Key” custom attribute.




How to generate an encrypted password:

Follow the steps below, on a separate Windows system, to generate an encrypted password using PowerShell:

  1. $key="supersecretpasswordworks"

  2. $password=read-host -assecurestring

  3. <Type Password>

  4. $encrypt=convertfrom-securestring $password -key $key.ToCharArray()

  5. $encrypt | set-content c:\encrypted.txt # save password to file


NOTE: A valid key is 128, 192, or 256 bits long, that is, a byte array of 16, 24, or 32 digits. The example above uses a byte array of 24 digits. The same key value that was used to generate the encrypted password must be specified in the “Key” custom attribute field.
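
The following is an added example, not HP's script: it wraps the steps above in a function that rejects keys of the wrong length and decrypts the result with the same key before saving it. The function names New-EncryptedDomainPassword and ConvertTo-PlainText are hypothetical; the key and output path are the ones used in the steps above.

```powershell
# Added example (not part of the HP-provided scripts).
# Helper (hypothetical name): recover the text of a SecureString for comparison.
function ConvertTo-PlainText([System.Security.SecureString] $Secure) {
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
    try     { [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) }
    finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }   # wipe the unmanaged copy
}

# Hypothetical name: produces the value for the EncryptedDomainPassword attribute.
function New-EncryptedDomainPassword {
    param(
        [Parameter(Mandatory=$true)] [string] $Key,
        [Parameter(Mandatory=$true)] [System.Security.SecureString] $Password
    )
    # Same char-to-byte conversion as $key.ToCharArray() in the steps above.
    [byte[]] $keyBytes = $Key.ToCharArray()
    if ((16, 24, 32) -notcontains $keyBytes.Length) {
        throw "Key is $($keyBytes.Length) characters; it must be 16, 24 or 32 (128/192/256 bits)."
    }

    $encrypted = ConvertFrom-SecureString -SecureString $Password -Key $keyBytes

    # Round trip: decrypt with the same key and compare with what was typed.
    $check = ConvertTo-SecureString -String $encrypted -Key $keyBytes
    if ((ConvertTo-PlainText $check) -cne (ConvertTo-PlainText $Password)) {
        throw "Round-trip check failed; do not use this value."
    }
    $encrypted
}

$key      = 'supersecretpasswordworks'   # example key from the page: 24 characters
$password = Read-Host -AsSecureString -Prompt 'Domain password'

# Save the value to paste into the EncryptedDomainPassword custom attribute.
New-EncryptedDomainPassword -Key $key -Password $password |
    Set-Content -Path 'c:\encrypted.txt'
```

The round-trip check also shows that anyone who can read both the “Key” and “EncryptedDomainPassword” custom attributes can recover the domain password, so access to those attributes should be restricted accordingly.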