Script to run after deployment

I need some help getting a PowerShell script that will run after deployment that will:

  1. Joins the server to a pre-defined domain and OU.
  2. Adds the computer account to a specified AD group
  3. Adds a predefined description to the computer description “Newly deployed server - Change description now”
  4. Installs 2 predefined MSI packages from a share \\servername.domain.name\share

This needs to be done without any interaction. I will use SetupComplete.cmd to trigger this script/scripts and then have them deleted.

The SetupComplete.cmd will look something like this:

set LOCALAPPDATA=%USERPROFILE%\AppData\Local
PowerShell "Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser -Force"
PowerShell ". C:\Windows\Setup\Scripts\predeploymentscript.ps1"

del /q C:\Windows\Setup\Scripts\predeploymentscript.ps1
del /q C:\Windows\Setup\Scripts\SetupComplete.cmd

This “add to domain” seems to be working ok, but I would like to hook on the other functions as well. But I don’t know if I should have one script or keep them separated. I guess they need to be executed in a specific order (the domain join will need a reboot, for example).

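# Domain to join and the account used for the join
$domain = "test.com"
# The password is embedded in the script as plain text and converted to a SecureString
$password = "Mypass" | ConvertTo-SecureString -AsPlainText -Force
$username = "$domain\administrator"
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
# Target OU for the new computer account
$ouPath = "OU=workstations,DC=test,DC=com"
# Join the domain and reboot immediately
Add-Computer -Credential $credential -DomainName $domain -OUPath $ouPath -Restart -Force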
powershell -noprofile -command "&{ start-process powershell -ArgumentList '-noprofile -file C:\Windows\Setup\Scripts\joindomain.ps1' -verb RunAs}"

Maybe add more parameters like:

$groupname = "AD group name"
$description = "Newly deployed server - Change description now"

I have tried a lot of separate PS scripts to add the server to a group, but I can’t get it to work…

Huge thank you, if you can help me

So, some context questions:

  1. Why are you using a .cmd script to run PowerShell commands and launch a PowerShell script, when you could just run a PowerShell script? It looks like you're overcomplicating this.
  2. How do you want this to work? Do you want to run the script locally on each computer, or do you want to execute a master script from a maintenance computer that would perform the commands remotely on target computers?
  3. You say you have "tried a lot of separate PS scripts", but have you actually read the documentation for Add-Computer? Using it properly will depend on the specifics of your operating environment, so just copying a script from somewhere on the Internet won't necessarily suit your needs. You'll need to be capable of editing it to fit your situation.
  4. What version of Windows Server is your domain controller running on, and what version of PowerShell is installed?
  5. What version/build of Windows are the computers that you want to run this script on, and what version of PowerShell is installed on them?
  6. Do you have full administrative privileges? Will you be able to adjust firewall settings/group policies to permit remote execution?

There are several ways you could accomplish having a script reboot a computer and continue execution after, and deciding which one to use will depend on how your network is set up, and what you’re comfortable doing. You could use workflows, or execute a script during StartUp with a reboot counter variable stored in a text file, or use a registry flag, or you could implement Restart-Computer remotely with the -Wait flag.
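
Added example (not part of the thread and not either poster's code): the registry-flag approach mentioned in the last reply, applied to the domain join and MSI steps from the question, with the join credential used only before the reboot and never written to disk, the registry or the task. The key path, task name, MSI file names and the `-JoinCredential` parameter are assumptions; it needs PowerShell 3.0+ and the ScheduledTasks module (Windows Server 2012 or later), and the share must be readable by the computer account because stage 1 runs as SYSTEM.

```powershell
# Added example: staged post-deployment script resumed with a registry flag.
# Assumed names: $StateKey, $TaskName, the MSI file names, -JoinCredential.
param([pscredential]$JoinCredential)   # used in stage 0 only, never persisted

$StateKey = 'HKLM:\SOFTWARE\PostDeploy'          # hypothetical state key
$TaskName = 'PostDeploy-Resume'                  # hypothetical task name
$Share    = '\\servername.domain.name\share'     # share named in the question

function Get-Stage {
    $p = Get-ItemProperty -Path $StateKey -Name Stage -ErrorAction SilentlyContinue
    if ($p) { [int]$p.Stage } else { 0 }         # no key yet means first run
}
function Set-Stage([int]$Value) {
    if (-not (Test-Path $StateKey)) { New-Item -Path $StateKey -Force | Out-Null }
    Set-ItemProperty -Path $StateKey -Name Stage -Value $Value -Type DWord
}

switch (Get-Stage) {
    0 {
        if (-not $JoinCredential) { throw 'JoinCredential is required for stage 0' }
        # Join first; on failure the script stops and no resume task is left behind.
        Add-Computer -DomainName 'test.com' -OUPath 'OU=workstations,DC=test,DC=com' `
            -Credential $JoinCredential -Force -ErrorAction Stop
        # Resume as SYSTEM at next boot; the task carries no credential.
        $action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
            -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`""
        $trigger   = New-ScheduledTaskTrigger -AtStartup
        $principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
        Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
            -Principal $principal -Force | Out-Null
        Set-Stage 1
        Restart-Computer -Force
    }
    1 {
        foreach ($msi in 'package1.msi', 'package2.msi') {   # hypothetical file names
            $proc = Start-Process msiexec.exe -Wait -PassThru `
                -ArgumentList "/i `"$Share\$msi`" /qn /norestart"
            # 0 = success, 3010 = success but a reboot is required
            if ($proc.ExitCode -notin 0, 3010) { throw "$msi failed with exit code $($proc.ExitCode)" }
        }
        Set-Stage 2                                          # marks the run as finished
        Unregister-ScheduledTask -TaskName $TaskName -Confirm:$false
        Remove-Item -Path $PSCommandPath -Force              # script deletes itself when done
    }
}
```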