Joining ghosted machines to the domain via SCCM
Hi all,
For our disaster recovery process we have a number of workstations at a service provider which they ghost a stored image to. Before SCCM I used to have an Altiris task which would spot these new machines and join them to the domain for me.
Is this possible using SCCM? I've found articles about how to generalize the SCCM client before the image is captured, and on my test machine I can see they are being found by SCCM. I have a collection for these devices (based on machine name) and so could advertise something to them. However:
* So far no application or task sequence is picked up by these new machines (only old items in software center from the reference machine)
* If the task/application needs to run in the context of system, then how would one secure the credentials used (PowerShell credential files can only be used on the machine they are created on?)
Does anyone else use a similar process for DR scenarios?
Answers (2)
Posted by:
nagendrasingh
7 years ago
>>Is this possible using SCCM?
Do you mean joining the domain? Yes, it is possible when the machine is built.
>>* So far no application or task sequence is picked up by these new machines (only old items in software center from the reference machine)
For this to happen, you need to install SCCM client, put the machines in a collection and direct software/Task Sequence to it.
>>* If the task/application needs to run in the context of system, then how would one secure the credentials used (powershell Credential files can only be used on the machine they are created on?)
SCCM Client runs in system context and launches processes in that too. Altiris, Landesk etc also do it the same way.
Comments:
- I am not building these machines using SCCM, they are built using Ghost, which is done by the company we use to provide DR seats. I do build the original image using SCCM, and need the SCCM client on the machine however. - auto_mate 7 years ago
Posted by:
nagendrasingh
7 years ago
Do your computers have a working SCCM client? If they have, then they should get all the deployments targeted to that collection.
If yes, then you can add a machine to the domain using SCCM. There are many scripts for that on the internet. Some examples are below.
This step needs an AD account (an AD requirement, not an SCCM requirement).
BTW, whatever is possible using Altiris for Windows, is possible using SCCM.
==================================================
https://www.scribd.com/document/44282659/NetDom-Examples
NetDom examples
Sample workstation or member server operations
Adding a workstation or member server to a domain
Add the workstation mywksta to the Windows NT 4.0 domain microsoft:
NETDOM ADD /d:microsoft mywksta /ud:mydomain\admin /pd:password
Add the workstation mywksta to the Windows 2000 domain devgroup.microsoft.com in the organizational unit (OU) Dsys/workstations:
NETDOM ADD /d:devgroup.microsoft.com mywksta /OU:OU=Dsys,OU=Workstations,DC=microsoft,DC=com
Note: If /OU is not specified the account is created in the Computers container.
Joining a workstation or member server to a domain
Join mywksta to the devgroup.microsoft.com domain in the Dsys/workstations organizational unit.
NETDOM JOIN /d:devgroup.microsoft.com mywksta /OU:OU=Dsys,OU=Workstations,DC=microsoft,DC=com
In addition to adding the computer account to the domain, the workstation is modified to contain the appropriate shared secret to complete the Join operation.
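Added example, not part of either answer or of the NetDom document: a PowerShell alternative to the `/pd:password` form above that keeps the password off the process command line and addresses the question's point that DPAPI-protected credential files only decrypt on the machine that created them. The function names, file paths and the join account are assumptions; the domain and OU values in the comments come from the NetDom sample.

```powershell
# One-time, on an admin workstation: protect the join account's password.
# A 256-bit AES key makes the blob portable; without -Key, ConvertFrom-SecureString
# uses DPAPI and the blob only decrypts for the same user on the same machine.
function New-JoinSecret {
    param([string]$KeyPath, [string]$BlobPath)   # placeholder paths
    $key = New-Object byte[] 32
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($key) } finally { $rng.Dispose() }
    [System.IO.File]::WriteAllBytes($KeyPath, $key)
    Read-Host -Prompt 'Join account password' -AsSecureString |
        ConvertFrom-SecureString -Key $key |
        Set-Content -Path $BlobPath -Encoding ASCII
}

# On the ghosted machine, run in SYSTEM context by the deployment.
function Join-DrWorkstation {
    param(
        [string]$Domain,       # e.g. devgroup.microsoft.com (from the NetDom sample)
        [string]$OUPath,       # e.g. OU=Dsys,OU=Workstations,DC=microsoft,DC=com
        [string]$JoinAccount,  # placeholder: account delegated to join computers in $OUPath only
        [string]$KeyPath,
        [string]$BlobPath
    )
    # Skip machines that are already joined so the task is safe to re-run.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    if ($cs.PartOfDomain -and $cs.Domain -eq $Domain) { return 'AlreadyJoined' }

    $key = [System.IO.File]::ReadAllBytes($KeyPath)
    try {
        $secure = Get-Content -Path $BlobPath | ConvertTo-SecureString -Key $key
        $cred = New-Object System.Management.Automation.PSCredential($JoinAccount, $secure)
        # The credential is passed as an object, never as a command-line argument.
        Add-Computer -DomainName $Domain -OUPath $OUPath -Credential $cred -ErrorAction Stop
    }
    finally {
        # Remove key material from memory and disk whether or not the join worked.
        [Array]::Clear($key, 0, $key.Length)
        Remove-Item -Path $KeyPath, $BlobPath -Force -ErrorAction SilentlyContinue
    }
    return 'JoinedRebootRequired'
}
```

Anyone who obtains both the key file and the blob can recover the password, so deliver them by separate routes and delegate the join account only the right to create and join computer objects in that one OU.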