Passing AD credentials to add-computer

Hi Powershell guys,

I have a script that I created to pass credentials onto add-computer which would automate joining that machine to the domain. It’s been working since I created it but recently I had to change the password for some testing. The password length and complexity was the same (although I don’t think it really would matter), but the script broke.
Now whenever I run it, it tells me that my password is incorrect. If I take the passed credentials out and I just have it prompt me, the script works. That defeats the purpose though because it’s supposed to be automated. Does anyone know why this could have happened? I’ve attached the script which contains the code and also the error message… Any help would be greatly appreciated!

 <# This function joins the VM to the domain #>
function JoinDom {

	Add-computer -domainname mydomain.domain -credential $Adcred -computername ipaddress -localcredential $cred -restart
	"Rebooting VM after joining Domain..."


$creduser = "administrator"												
$credpass = convertto-securestring -String "password" -AsPlainText -Force

$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $creduser,$credpass

$Aduser = "domain\lkong"
$Adpass = convertto-securestring -string "mixedcharacterspassword" -AsPlainText -Force

$Adcred = new-object -typename System.Management.Automation.PSCredential -argumentlist $Aduser,$Adpass 


Add-computer : Computer '' failed to join domain 'mydomain.domain' from its current workgroup 'WORKGROUP'
with following error message: The user name or password is incorrect.
At C:\vmscripts\ADrename.ps1:13 char:2
+     Add-computer -domainname mydomain.domain -credential $Adcred -computername $ip -lo ...
+    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: ( [Add-Computer], InvalidOperationException
    + FullyQualifiedErrorId : FailToJoinDomainFromWorkgroup,Microsoft.PowerShell.Commands.AddComputerCommand 

Thanks in advance!

Obvious question - is the password in your script definitely the same as the one you set on the account?

Have you looked in the credential object to view the password its storing?

is there anywhere else the old credential might have been created/stored that’s stopping the new one form being used?

Hi Richard,

Thanks to your prudent questions, I figured out what the problem was. The password i input in the script is the same one as the one on the account but when I checked the credential object using getnetworkcredential, I found that the conversion within the script doesn’t accept certain characters. My password contained the “$” character which wasn’t passed into the securestring. Once I changed my password and removed “$” it worked.

Thank you!

So, that problem is because you’re using double quotes around your password. In double quotes, $ is a token to Powershell for variable replacement. As a practice, use single quotes for strings unless you explicitly need that feature of double quotes.

Ahh I see… that’s good to know. I’m going to change those double quotes to singles so this won’t happen again. Thank you!