Mid Level task prior to domain join to delete computer from AD?
Good Morning all,
Wondering, is there a way, after the computer name is queried, to delete it from AD prior to joining the domain?
I've got post installation tasks that require a good domain join, and my techs continuously forget to delete the computer name from AD prior to kicking off the scripted installation.
Looking to make the process 100% foolproof.
Thank You!
Answers (2)
Posted by:
computeguy12119
1 year ago
Bump. This has to be a common request I'd think?
Comments:
- It seems nobody has the answer, so don't bump too often, since this is considered spam.
A quick search with your favourite search engine would have brought you to:
https://learn.microsoft.com/en-us/powershell/module/activedirectory/remove-adcomputer?view=windowsserver2022-ps which shows you how to do this.
You just need to take the name from your db or, if getsetcomputername is used, from the file it creates to inject. - Nico_K 1 year ago
Posted by:
flip1001
1 year ago
The following link has a script which should work. You will need to install ADSI in the KBE Manipulator I think.
Remove a PC object from a domain in WinPE with Powershell - mroenborg
I will try to implement a vbscript to do this. Unfortunately, I haven't written vbscript in many years and I'm also very busy with other matters.
I also don't think I can use Powershell unless I install the ADDS tools in the golden image. I hope someone has some insight on this.
In my environment we don't reimage servers with the SDA since they're VMs, so I exclude servers.
Here is the pseudocode I am thinking of.
Task that should run right before the join domain postinstall task:
Find MAC address of active NIC.
Check drive X for the text file matching the MAC address, that was created with the getcomputername task, to determine the computer name that was entered. If not found, then quit the script.
Get a list of all computers in our AD domain. The attributes I want are the computer name and OS.
If the requested computer name matches an AD object which has the OS attribute "Server", then quit the script. (Don't delete server objects.)
If the requested computer name matches an AD object which does not contain the OS attribute "Windows", then quit the script. (Don't delete non-Windows objects.)
If the requested computer name does not exist in AD, then quit the script. (Nothing to delete that will conflict in the next task.)
If the requested computer name does exist in AD, then delete it. (Otherwise, the next join domain task will likely fail.) - flip1001 1 year ago
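The guard checks from the pseudocode above, sketched in PowerShell over ADSI (.NET `System.DirectoryServices`) so the ActiveDirectory module is not required. This is an added example, not code from the thread or the linked script. The parameter names, the domain controller, the search base and the way the credential reaches the script are assumptions, and reading the name from the MAC-named file is left to the caller because the file format is not shown here.

```powershell
# Added example: guarded delete of a stale computer object before the domain join.
param(
    [Parameter(Mandatory)][string]$ComputerName,     # name entered by the tech
    [Parameter(Mandatory)][string]$Server,           # assumption, e.g. dc01.example.test
    [Parameter(Mandatory)][string]$SearchBase,       # assumption, e.g. OU=Workstations,DC=example,DC=test
    [Parameter(Mandatory)][pscredential]$Credential  # assumption: supplied by the deployment task
)

# Accept only a plain NetBIOS-style name so the value cannot change the
# LDAP filter below (no wildcards, parentheses or backslashes).
if ($ComputerName -notmatch '^[A-Za-z0-9-]{1,15}$') {
    Write-Output "Refusing unexpected computer name '$ComputerName'."; exit 1
}

# Bind with explicit credentials: the machine is not domain joined yet.
$root = New-Object System.DirectoryServices.DirectoryEntry -ArgumentList @(
    "LDAP://$Server/$SearchBase",
    $Credential.UserName,
    $Credential.GetNetworkCredential().Password)

$searcher = New-Object System.DirectoryServices.DirectorySearcher -ArgumentList $root
$searcher.Filter = "(&(objectCategory=computer)(sAMAccountName=$ComputerName`$))"
[void]$searcher.PropertiesToLoad.Add('operatingSystem')
$hit = $searcher.FindOne()

# Nothing in AD under this name: nothing will conflict with the join.
if ($null -eq $hit) { Write-Output "No AD object for $ComputerName."; exit 0 }

# An empty operatingSystem attribute yields '' and is treated as non-Windows.
$os = [string]($hit.Properties['operatingsystem'] | Select-Object -First 1)
if ($os -match 'Server')     { Write-Output "Skipping server object ($os)."; exit 0 }
if ($os -notmatch 'Windows') { Write-Output "Skipping non-Windows object ($os)."; exit 0 }

# DeleteTree also removes child objects of the computer account, such as
# stored BitLocker recovery information, so the guards above matter.
$hit.GetDirectoryEntry().DeleteTree()
Write-Output "Deleted $ComputerName ($os)."
```

Limiting `$SearchBase` to the workstation OU and delegating the account only the right to delete computer objects there keeps a mistyped name from reaching anything else.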