HP provides two scripts that can be used for adding a server to a Windows domain. One is used for adding to the domain at OS installation time, and the other is used for adding to the domain once the server is already installed. The two methods for adding a Windows server to a domain are described below.
To add the server to a domain during OS installation:
Use the HP-provided script Inject Windows Domain or Workgroup Personalization Settings as part of an OS deployment job.
This method also injects windows active directory domain or workgroup related configuration into windows unattend file and is supported only from Windows Server 2008 onwards.
-
Save a copy of the HP-provided Windows OS Build Plan, changing its name to better reflect the Windows functionality being installed.
-
After the Inject Personalization Settings step in the OS Build Plan, add the HP-provided script Inject Windows Domain or Workgroup Personalization Settings.
-
Create DomainName, DomainUser, DomainPassword, Workgroup custom attributes, as shown in the examples below:
Category Example DomainName mydomain.net # FQDN of your domain DomainUser Aduser # An AD user with permissions to join workstations to the domain DomainPassword supersecret #Password for DomainUser Workgroup (optional)
To add a server to a domain after its OS is installed:
Use the HP-provided script Add Windows Server to Domain as part of an OS deployment job.
|
|
NOTE: This script uses PowerShell commands. To run on Windows 2008, PowerShell 2.0 needs to be installed. |
|
|
This step can be used as part of its own Build Plan or can be added at the end of an OS installation job. The benefit of using this step is that your domain password can be encrypted, and will not show up in clear text. Here are instructions for adding this step to the end of an OS installation.
-
Save a copy of the HP-provided Windows OS Build Plan, changing its name to better reflect the Windows functionality being installed.
-
At the end of the OS Build Plan, after last “Wait for HP SA Agent” step, add HP-provided script Add Windows Server to Domain
-
Create DomainFQDN, DomainPassword or EncryptedDomainPassword, DomainUser, DomainName, and Key custom attributes, as shown in the examples below:
Category Example DomainFQDN mydomain.net # FQDN of your domain DomainName # NETBIOS name of your domain DomainUser Aduser # An AD user with permissions to join workstations to the domain DomainPassword supersecret #Password for DomainUser EncryptedDomainPassword 76492d1116743f042341 #Encrypted password Key supersecretpasswordworks #Key used to generate above password
|
|
NOTE: Either "DomainPassword" or combination of “EncryptedDomainPassword” with “Key” custom attributes need to be provided. |
|
|
How to generate an encrypted password:
Follow the steps below, on a separate Windows system, to generate an encrypted password using power shell:
|
|
NOTE: The valid key can be any of 128/192/256 bits that is byte array of 16/24/32 digits. In the example above, byte array to 24 digits is used. User need to specify same key value used to generate encrypted passed in “Key” custom attribute field. |
|
|