All,
I am in the process of creating a script to migrate our workstations from our legacy domain to the our new domain. I can disjoin the legacy domain but I am having issues joining the new domain.
Here is what I am using
$joincred = New-Object pscredential -ArgumentList ([pscustomobject]@{
Username = ‘Username’
Password = (ConvertTo-SecureString -String ‘password’ -AsPlainText -Force)[0]
})
Add-Computer -DomainName ‘Name’ -Credential $joincred
The issue arising from this is, “corporate” and their infinite wisdom, has completely blocked NTLM authentication, which is what the above is trying to use. Is there a way I can force the use of Kerberos with this command or is there a different method of doing this. I am wanting this to be as automated as possible.
Hello Joseph,
One of the options would be to Add a computer to a domain using predefined computer credentials
New-ADComputer -Name "Server02" -AccountPassword (ConvertTo-SecureString -String 'TempJoinPA$$' -AsPlainText -Force)
# Then this command is run from Server02
which is not yet domain-joined:
$joinCred = New-Object pscredential -ArgumentList ([pscustomobject]@{
UserName = $null
Password = (ConvertTo-SecureString -String 'TempJoinPA$$' -AsPlainText -Force)[0]
})
Add-Computer -Domain "Domain03" -Options UnsecuredJoin,PasswordPass -Credential $joinCred
Reference: Add-Computer Documentation
Hope that helps.
This is being executed on a non-joined domain computer? How is the user name formed? Domain\User or user@domain.com. Are you getting a error?
This worked. I was unsure about this process when I originally read it. This will cause some more pre-work before I run the full script, but that is ok.
[quote quote=266579]Hello Joseph,
One of the options would be to Add a computer to a domain using predefined computer credentials
|
New-ADComputer -Name "Server02" -AccountPassword (ConvertTo-SecureString -String 'TempJoinPA$$' -AsPlainText -Force)
# Then this command is run from [crayon-5f9aaf533de5c354344174 inline="true" ]Server02
|
which is not yet domain-joined: $joinCred = New-Object pscredential -ArgumentList ([pscustomobject]@{ UserName = $null Password = (ConvertTo-SecureString -String 'TempJoinPA$$' -AsPlainText -Force)[0] }) Add-Computer -Domain "Domain03" -Options UnsecuredJoin,PasswordPass -Credential $joinCred[/crayon] Reference:
Add-Computer Documentation
Hope that helps.
[/quote]