Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Domain join vbscript fails

Status
Not open for further replies.
RoamingBison

RoamingBison

MIS
Mar 16, 2009
2
US
I have been fighting with this script for days now, and can't find a way to make it work.
Code: 
Dim strUser, strPassword, strDomain, strOU
Const JOIN_DOMAIN             = 1
Const ACCT_CREATE             = 2
Const ACCT_DELETE             = 4
Const WIN9X_UPGRADE           = 16
Const DOMAIN_JOIN_IF_JOINED   = 32
Const JOIN_UNSECURE           = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET        = 256
Const INSTALL_INVOCATION      = 262144 
' Declare domain and the OU
strDomain   = "mydomain.com"
strOU       = "OU=FloorGroup,OU=ShopFloorAccounts,OU=City,OU=Americas,DC=domain,DC=com"
strUser     = "user"
strPassword = "password"

Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!//" & _
strComputer & "/root/cimv2:Win32_ComputerSystem.Name='" & _
strComputer & "'")

ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _            
   strPassword, strDomain & "\" & strUser, strOU, _
   JOIN_DOMAIN)
If Not ReturnValue = 0 Then    ' if the joining fails
Wscript.Echo "Joining machine to the domain has failed. Please try again"
Wscript.Echo "Error Number: " & Err.Number
Wscript.Echo "Error Description: " & Err.Description
Wscript.Quit
Else
Wscript.echo "Machine has joined the domain successfully. Please click OK to reboot" 
END If
WScript.sleep(5000)
' More code to add autologin reg entries

Before we created all the machine names in AD I could make this work (with options 1 & 2). However it will always fail if the computer account is already created in AD. I have tried literally dozens of different permutations of domain join scripts, and nothing seems to work correctly.

How I am using this script: This is part of a setup routine for touchscreen computers on the shop floor. The computers are all currently in "Workgroup", however we want to move them over to the domain. This setup routine will also be used to make swapping out a terminal simpler in case a machine fails.
The machine setup process: From a generic ghost image, I set up the individual station and rename it using a HTA. This script is copied over to the root of the drive, and called via runonce key that will execute after the reboot from the name change.
 
Sort by date Sort by votes
Have you tried NOT having the account already created in AD, and changing this line:

Code: 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _            
   strPassword, strDomain & "\" & strUser, strOU, _
   JOIN_DOMAIN)


to this...

Code: 
eturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _            
   strPassword, strDomain & "\" & strUser, strOU, _
   JOIN_DOMAIN + ACCT_CREATE)

Also, what errors do you get?



Thanks,
Andrew

[medal] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
The script works perfectly if the computers have not been created in AD when I add the "ACCT_CREATE" option. My test machine was added in the correct OU and had the correct name.

The error number that returns from Err is 0, with a blank description. If I change the script to return the value of "ReturnValue" instead, the return value is 5. The documentation for the JoinDomainOrWorkgroup function that I found at MSDN has no information about error code 5.

The decision to pre-create the computers in AD belongs to my boss, not me so I'm not sure I have the (much easier) option of not creating the accounts ahead of time. I'm also not sure what the other options do, I tried the DOMAIN_JOIN_IF_JOINED option and it put my test machine in a Workgroup that was named the same as my domain.

Thanks,
Jeff
 
Upvote 0 Downvote
Sorry, I misunderstood the fact that you already tried my suggestion.

Thanks,
Andrew

[medal] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
One other thought...

Are you using domain admin credentials? It could be that the account you are using to add the machine to the domain has the ability to create new accounts and add to AD, but not have rights to modify existing accounts.



Thanks,
Andrew

[medal] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

K
  • Locked
  • Question
VBSCRIPT dont work windows 11 23h2 ???
Replies
2
Views
547
SoftwareRT
SoftwareRT
bdwilcox
  • Locked
  • Question
HTA fails with Syntax Error when working VBScript inserted
Replies
2
Views
396
bdwilcox
bdwilcox
Alexvb6
  • Locked
  • Question
Deprecation of VBScript + Classic ASP: How to Ask Microsoft to cancel their planned craziness
Replies
0
Views
419
Alexvb6
Alexvb6
bdwilcox
  • Locked
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
1K
SoftwareRT
SoftwareRT
paullem
  • Locked
  • Question
vbscript to read properties of JPEG file
Replies
4
Views
472
paullem
paullem

Part and Inventory Search

Sponsor

Back
Top