AAD registers PC's hardware via unattended install of Windows 11

madurani

Hello All,

Could you please advise me whether it is possible to join hardware that is running an unattended installation of Windows to AAD? We do it manually now via the option "Add a work or school account", but it would be very nice to add it to the answer XML file.
In case it is possible, please provide me some example XML code for it.
 
I saw a "how to" with a *.ppkg file, but there the device name has to be added as "name+%serial% or %rand:x%", and it will be different from the real hostname, for example tml2001. Is it possible to add the hostname of the installed HW there automatically?
 
If you wanted to enroll PCs by unique hostname, you need AutoPilot to pre-register them by their hardware hashes.

How to set computer name during Windows 10 Autopilot Deployment (User-Driven Azure AD joined Scenario)

Bulk enrollment is trying to solve the problem of adding new machines where you don't know the hashes. For example, if we had two PCs both named GARLIN-PC -- which one wins? Bulk enrollment avoids name collision by searching for serialized info (manufacturer's S/N) or from a random hash value.

For scripting, install the AzureAD Module on the new system. Auto-logon is only reserved for local accounts.

The main problem is you need to provide some credentials to domain join. The possible methods:

- Provide the logon/password inside your script (security risk).
- Ask the user to enter their info, but you can't have an interactive user session without creating a throwaway local account.
- Bulk token is provided by the Provision Package.
 
All Windows desktops (Win11 Professional) are installed via an unattend file in which a unique hostname is defined as tmlXXXX (for example tml2000). When I add a desktop to AAD manually, the output from dsregcmd /status is:

Code:
PS C:\Users\Administrator> dsregcmd /status


+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+


             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : NO
               Device Name : tmv2014

When I use bulk enrollment with the format "name+%serial% or %rand:x%", the device name will be different from what I need (because it is used in the DNS and DHCP servers). Is there not some string (%hostname%) or (%COMPUTERNAME%) that substitutes the real hostname of the desktop?
 
I can't answer this since I don't have any AAD domains. You should ask for help on MS Community, or another dedicated site.
 
I found this solution here >>> http://eddiejackson.net/wp/?p=19550
Question: can a *.ppkg file be executed via the unattend file?
Example:

Code:
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Install-ProvisioningPackage -PackagePath xxxx.ppkg"</CommandLine>
<Description>Install of applications</Description>
<Order>3</Order>
</SynchronousCommand>

And after that, can the hostname be changed via some PowerShell command?

Mod note: Fixed the URL link.
 
The article suggests you take advantage of the 60 second delay before the reboot to rename the host. The problem is still an unscheduled reboot happening in the middle of other installation tasks.

Instead you should force a reboot immediately, instead of waiting up to 60 seconds.

<WillReboot>Never</WillReboot> Add .ppkg
<WillReboot>OnRequest</WillReboot> Rename commands

This way you know the reboot won't interrupt other important tasks.
 
I tested it, but it does not work properly:
1. I created the .ppkg file
2. unjoined the VM from AAD and restarted the VM
3. opened PowerShell as admin
4. installed the .ppkg file with the command:
Code:
Install-ProvisioningPackage -PackagePath D:\ADD2\AAD_FILE.ppkg -QuietInstall
5. tried to rename the VM with the command (finished with an error):
Code:
PS C:\Users\Administrator> Rename-Computer -NewName "tmv2014"
Rename-Computer : Skip computer 'tmv2014' with new name 'tmv2014' because the new name is the same as the current name.
At line:1 char:1
+ Rename-Computer -NewName "tmv2014"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (tmv2014:String) [Rename-Computer], InvalidOperationException
    + FullyQualifiedErrorId : NewNameIsOldName,Microsoft.PowerShell.Commands.RenameComputerCommand

Then I tried the commands from the link: aad, but the second command finished with an error:
Code:
PS C:\Users\Administrator> set wshShell=CreateObject("WScript.Shell")
PS C:\Users\Administrator> strComputerName=wshShell.ExpandEnvironmentStrings("%COMPUTERNAME%")
strComputerName=wshShell.ExpandEnvironmentStrings : The term 'strComputerName=wshShell.ExpandEnvironmentStrings' is
not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or
if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ strComputerName=wshShell.ExpandEnvironmentStrings("%COMPUTERNAME%")
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (strComputerName...ironmentStrings:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
Result: After the reboot the VM is joined to AAD, but with an incorrect name and incorrect hostname.
 
Sorry, I don't have an AAD domain to play with. You'll have to ask on another forum.

You do realize the 2nd file is VBScript?
 
Probably I have a solution:
1. install the desktop with some generic hostname, for example "desktop"
2. at the end of the unattend file, run as a SynchronousCommand >> install the .ppkg file
3. after that, in the same way, execute via SynchronousCommand >> rename the desktop to the requested hostname, such as tmv2014
4. then reboot the desktop

When I did these steps manually via the PowerShell console, the result was compliant:
hostname after reboot >>> tmv2014
output from dsregcmd /status :
Code:
PS C:\Users\Administrator> dsregcmd /status


+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+


             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : NO
               Device Name : tmv2014

I will try to implement these steps in the unattend file.
 
Can you see any problem with these two SynchronousCommands?
Because when I added them to the unattend XML, the installation finished with an error about OOBE:

Code:
<SynchronousCommand wcm:action="add">
   <Order>4</Order>
   <Description>Install of applications</Description>
   <CommandLine>cmd.exe /c powershell -Command "Install-ProvisioningPackage -PackagePath \\192.168.100.1\WIN_TOOLS\AAD_file.ppkg -QuietInstall"</CommandLine>
   <WillReboot>Never</WillReboot>
</SynchronousCommand>

<SynchronousCommand wcm:action="add">
   <Order>5</Order>
   <Description>Install of applications</Description>
   <CommandLine>cmd.exe /c powershell -Command "Rename-Computer -NewName tmv2015"</CommandLine>
   <WillReboot>Never</WillReboot>
</SynchronousCommand>
 

powershell is a native command, and doesn't require "cmd /c".

From your autounattend.xml, it's obvious you're not using or have interest in NTLite. Please ask your follow-up questions on a general Windows forum where it's more appropriate.
 
After deleting "<WillReboot>Never</WillReboot>" from the code, the unattended installation works fine.
The desktop/VM has the correct hostname after installation and is joined to AAD:
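
The install, rename and verify steps from this thread as one PowerShell script that a SynchronousCommand could call. This is an added example, not code from any poster or from the linked article; the parameter names, the optional SHA-256 pin for the .ppkg and the output fields are assumptions.

```powershell
# Added example, not from the thread. All parameter values are supplied by the caller.
param(
    [Parameter(Mandatory)] [string] $PackagePath,  # bulk-enrollment .ppkg
    [Parameter(Mandatory)] [string] $TargetName,   # hostname expected by DNS/DHCP
    [string] $ExpectedSha256                       # optional pin for the .ppkg (assumption)
)

function ConvertFrom-DsregStatus {
    # Parse the "Key : Value" lines printed by `dsregcmd /status` into a hashtable.
    # Banner lines ("+-----+", "| Device State |") contain no colon and are skipped.
    param([string[]] $Lines)
    $state = @{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*([^:|+]+?)\s*:\s*(.*?)\s*$') { $state[$Matches[1]] = $Matches[2] }
    }
    $state
}

$status  = ConvertFrom-DsregStatus (dsregcmd.exe /status)
$renamed = $false

if ($status['AzureAdJoined'] -ne 'YES') {
    # The package carries the bulk token, so refuse a file whose hash
    # differs from the pinned value when a pin was given.
    if ($ExpectedSha256) {
        $actual = (Get-FileHash -LiteralPath $PackagePath -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256) { throw "Package hash mismatch: $actual" }
    }
    Install-ProvisioningPackage -PackagePath $PackagePath -QuietInstall -ErrorAction Stop
}

# Rename-Computer raises NewNameIsOldName when the name is unchanged, so compare first.
if ($env:COMPUTERNAME -ne $TargetName) {
    Rename-Computer -NewName $TargetName -Force -ErrorAction Stop
    $renamed = $true
}

# Report the state; after the reboot, run again and expect NameMatches = True.
$status = ConvertFrom-DsregStatus (dsregcmd.exe /status)
[pscustomobject]@{
    AzureAdJoined = $status['AzureAdJoined']
    DeviceName    = $status['Device Name']
    Hostname      = $env:COMPUTERNAME
    NameMatches   = ($status['Device Name'] -eq $TargetName)
    RebootNeeded  = $renamed
}
```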
 
