I need some help getting a PowerShell script that will run after deployment and that will:
- Join the server to a pre-defined domain and OU.
- Add the computer account to a specified AD group.
- Add a predefined description to the computer description “Newly deployed server - Change description now”.
- Install 2 predefined MSI packages from a share \\servername.domain.name\share
This needs to be done without any interaction. I will use SetupComplete.cmd to trigger this script/scripts and then have them deleted.
The SetupComplete.cmd will look something like this:
```
set LOCALAPPDATA=%USERPROFILE%\AppData\Local
PowerShell "Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser -Force"
PowerShell ". C:\Windows\Setup\Scripts\predeploymentscript.ps1"
del /q C:\Windows\Setup\Scripts\predeploymentscript.ps1
del /q C:\Windows\Setup\Scripts\SetupComplete.cmd
```
This “add to domain” seems to be working ok, but I would like to hook on the other functions as well. But I don’t know if I should have one script or keep them separated. I guess they need to be executed in a specific order (the domain join will need a reboot, for example).
```
# Build the credential used for the domain join (password is stored in plain text in this file)
$domain = "test.com"
$password = "Mypass" | ConvertTo-SecureString -asPlainText -Force
$username = "$domain\administrator"
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
$ouPath="OU=workstations,DC=test,DC=com"
# Join the domain in the target OU and reboot once the join succeeds
add-computer -Credential $credential -DomainName $domain -OUPath $ouPath -restart -force
# Launch joindomain.ps1 in an elevated PowerShell process
powershell -noprofile -command "&{ start-process powershell -ArgumentList '-noprofile -file C:\Windows\Setup\Scripts\joindomain.ps1' -verb RunAs}"
```
Maybe add more parameters like:
```
$groupname = "AD group name"
$description = "Newly deployed server - Change description now"
```
I have tried a lot of separate PS scripts to add the server to a group, but I can’t get it to work…
Huge thank you, if you can help me
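
One way to order the four steps in a single unattended pass, as an added example that is not part of the original post: join without `-Restart`, write the description and group membership over LDAP with explicit credentials, install the MSIs from local copies, then reboot once. The DC name, group DN, join account, password and MSI file names are hypothetical placeholders, and the sketch assumes the computer object is visible on the chosen DC right after the join.

```powershell
# Added example: all names and values below are placeholders (assumptions).
$ErrorActionPreference = 'Stop'
$domain      = 'test.com'
$dc          = 'dc01.test.com'   # hypothetical DC; used for every LDAP write
$ouPath      = 'OU=workstations,DC=test,DC=com'
$groupDn     = 'CN=AD group name,OU=groups,DC=test,DC=com'  # hypothetical DN
$description = 'Newly deployed server - Change description now'
$share       = '\\servername.domain.name\share'
$packages    = 'first.msi', 'second.msi'   # hypothetical file names

# Assumption: a dedicated join account delegated on this OU and group, not the
# domain administrator, because the secret sits on disk until cleanup.
$user       = "$domain\svc-join"           # hypothetical account
$plain      = 'REPLACE_ME'
$secure     = ConvertTo-SecureString $plain -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential -ArgumentList $user, $secure

# 1. Join without -Restart so the remaining steps run in this same pass.
Add-Computer -DomainName $domain -OUPath $ouPath -Credential $credential -Force

# 2. The machine is not yet running as a domain member, so bind to a named DC
#    with explicit credentials. If the join landed on another DC, the object
#    may not have replicated to $dc yet and the bind will throw.
$compDn = "CN=$($env:COMPUTERNAME),$ouPath"
$comp   = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$dc/$compDn", $user, $plain)
$comp.Properties['description'].Value = $description
$comp.CommitChanges()
$group  = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$dc/$groupDn", $user, $plain)
[void]$group.Properties['member'].Add($compDn)
$group.CommitChanges()

# 3. Copy each MSI over an authenticated mapping, then install it silently.
New-PSDrive -Name Deploy -PSProvider FileSystem -Root $share -Credential $credential | Out-Null
foreach ($msi in $packages) {
    $local = Join-Path $env:TEMP $msi
    Copy-Item "Deploy:\$msi" $local
    $p = Start-Process msiexec.exe -ArgumentList "/i `"$local`" /qn /norestart" -Wait -PassThru
    if ($p.ExitCode -notin 0, 3010) { throw "$msi failed with exit code $($p.ExitCode)" }
}
Remove-PSDrive Deploy

# 4. Remove this script (it holds the secret), then reboot once so the join
#    and the new group membership take effect together.
Remove-Item $PSCommandPath -Force
Restart-Computer -Force
```

Deleting the file does not wipe the password from disk, so scope the join account to this OU and group and rotate its password after deployment.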