vdiDomainJoin.ps1
#Variable Section
#
# This script was created by Jeremy Wheeler from VMware EUC-PSO (2022)
#
# This script is free to use. Please adjust the below fields to make it work in your environment.
#
# $GoldImageName = What gold image name you are using as a template for full clones
# $DOMAIN="acme.com" = change to your domain name
# $UATOU = Change to the correct OU in your environment where you want the full clones to reside
# $User = Change to the domain\username of an account that has permission to join/remove machines to the domain.
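# $PasswordFile = This script assumes you are using an AES encrypted password file located in the temp folder location.
# The AES key is read from $KeyFile, which this script also expects in the temp folder. Anyone who can read both files can recover the password, so restrict access to that folder.
# Please reference the following link for instructions on how to generate an AES encrypted password file.
# https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-2/#using-key-secure-key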
#
# Deployment identity and logging settings.

# Computer name of the gold image (template VM); change this to match your environment.
$GoldImageName = 'WIN10FULLC1'

# Version tag that is embedded in the log file name.
$ver = 'v1'

# Log file location. It sits under C:\temp, the folder the cleanup step
# removes on every machine that is not the gold image.
$Logfile = 'C:\temp\DomainJoin-{0}.log' -f $ver

# Name of the machine the script is currently running on.
$VDIHostname = [string]$env:COMPUTERNAME
Function LogWrite
{
    # Appends one timestamped line to the file named by the script-level $Logfile.
    #   $logstring - message text to record.
    # The text is written verbatim, so callers should never pass passwords,
    # keys or other credential material.
    Param ([string]$logstring)

    # "g" is the general (short) date/time format specifier.
    $stamp = Get-Date -Format g
    Add-Content -Path $Logfile -Value ('{0}: {1}' -f $stamp, $logstring)
}
# Domain join target and service-account details.

# DNS name of the domain to join.
$DOMAIN = 'acme.com'

# Distinguished name of the OU in which the computer account is created.
$UATOU = 'OU=Full Clones,OU=Persistent,OU=Workloads,OU=View,DC=acme,DC=com'

# Account used to perform the join (domain\username).
$User = 'acme\myaccount'

# AES-encrypted password file and the AES key that decrypts it.
# SECURITY: both files live in the same folder, so the encryption only
# protects the password from someone who can read one file but not the other.
# Any principal with read access to C:\Temp can recover the clear-text password
# of $User. Presumably the folder ACL is restricted on the gold image; verify.
$PasswordFile = 'C:\Temp\AESDomain.txt'
$KeyFile = 'C:\Temp\AESDomainJoin.key'

# Load the key, decrypt the stored password into a SecureString, and wrap it
# together with the user name in a PSCredential for Add-Computer.
$key = Get-Content -Path $KeyFile
$securePassword = Get-Content -Path $PasswordFile | ConvertTo-SecureString -Key $key
$VIcred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $securePassword
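# Cleanup
# On every machine except the gold image, remove the staging folder so the
# AES key and the encrypted password do not stay on the clone. The gold image
# is skipped on purpose: it must keep the files for future clones, which also
# means the template itself always carries the key/password pair.
if ($GoldImageName -ne $VDIHostname) {
    # Delete the credential material first and by explicit path, so that a
    # locked or undeletable unrelated file in C:\temp cannot leave the secrets
    # behind. The credential is already loaded in $VIcred at this point.
    foreach ($secretPath in @($KeyFile, $PasswordFile)) {
        if ($secretPath -and (Test-Path -LiteralPath $secretPath)) {
            try {
                Remove-Item -LiteralPath $secretPath -Force -ErrorAction Stop
            }
            catch {
                # Surface the failure instead of hiding it; only the path is
                # reported, never file contents.
                Write-Warning "Could not remove credential file '$secretPath': $($_.Exception.Message)"
            }
        }
    }

    # Remove-Item -Recurse -Force already deletes every child item (including
    # hidden and read-only ones), so the former per-item Delete() pass, which
    # throws on non-empty directories, is not needed.
    if (Test-Path -LiteralPath 'C:\temp') {
        try {
            Remove-Item -LiteralPath 'C:\temp' -Recurse -Force -ErrorAction Stop
        }
        catch {
            Write-Warning "Could not fully remove C:\temp: $($_.Exception.Message)"
        }
    }

    # NOTE(review): this is a plain delete, not a secure wipe, and the domain
    # join below still runs when cleanup reports a failure (as it did before).
}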
# Join this machine to the domain, placing its computer account in the
# predefined OU, then reboot immediately without asking for confirmation.
# The account in $VIcred only needs rights to create/join computer objects in
# that OU; a broader account raises the impact of the stored password leaking.
$joinArguments = @{
    DomainName = $DOMAIN
    OUPath     = $UATOU
    Credential = $VIcred
    Restart    = $true
    Confirm    = $false
}
Add-Computer @joinArguments