Opsi windomain konfigurieren
Guten Tag an Alle Administratoren,
Ich habe mal wieder stress mit opsi
wir hatten ein windomain.opsi packet welches den gewünschten Rechner in die Firmendomain hinzugefügt hatte.
Jetzt ist diese Packet abhanden gekommen und ich müsste ein neues konfigurieren. Ich komme aber nicht ganz mit dieer klar.
; Copyright (c) uib gmbh (www.uib.de)
; This sourcecode is owned by uib
; and published under the Terms of the General Public License.
; credits: http://www.opsi.org/credits/
[actions]
requiredWinstVersion >= "4.11.3.6"
ScriptErrorMessages = false
DefVar $Domain$
DefVar $Username$
DefVar $Password$
DefVar $AccountOU$
DefVar $UseNetdom$
DefVar $primarywinsserver$
DefVar $secondarywinsserver$
DefVar $MsVersion$
DefVar $OSArch$
DefVar $method$
DefVar $netdompath$
DefVar $exitcode$
DefStringlist $list$
Set $MsVersion$ = GetMsVersionInfo
set $OSArch$ = GetSystemType
Set $Domain$ = GetProductProperty("domain","meineDomain.local")
Set $Username$ = GetProductProperty("username","administrator")
Set $Password$ = GetProductProperty("password","1234")
Set $AccountOU$ = GetProductProperty("account_ou","administrator")
Set $AccountOU$ = ComposeString(SplitString($AccountOU$, ','), ';')
Set $method$ = GetProductProperty("method","unknown")
Set $primarywinsserver$ = GetProductProperty("primarywinsserver","192.168.100.1")
Set $secondarywinsserver$ = GetProductProperty("secondarywinsserver","192.168.100.1")
ShowBitmap "%ScriptPath%\winconfig.png" "Joining domain " + $Domain$
Message "Perparing to join"
if $method$ = "auto"
comment "we are in auto mode - let us decide which method to use"
if $MsVersion$ < "6"
comment "on NT5 we switch to method netdom"
set $method$ = "netdom.exe"
else
comment "on NT6 we start with powershell and if this fails we use wmic"
set $method$ = "powershell"
endif
endif
if $method$ = "netdom.exe"
if $MsVersion$ >= "6"
if $OSArch$ = "64 Bit System"
set $netdompath$ = "%ScriptPath%\nt6x64"
else
set $netdompath$ = "%ScriptPath%\nt6x32"
endif
Files_copy_netdom /Sysnative
else
set $netdompath$ = "%ScriptPath%"
Files_copy_netdom
endif
endif
if ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "true" )
Message "Unjoining domain"
comment "Disconnecting shares to avoid multiple connections to the same server with different usernames"
DosInAnIcon_disconnect winst /sysnative
if $method$ = "netdom.exe"
DosInAnIcon_unjoin_domain_netdom winst /sysnative
endif
DosInAnIcon_unjoin_domain winst /sysnative
if not ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "false" )
LogError "Failed to unjoin domain"
isFatalError
endif
ExitWindows /ImmediateReboot
endif
Message "Joining domain"
comment "Disconnecting shares to avoid multiple connections to the same server with different usernames"
DosInAnIcon_disconnect winst /sysnative
ExitWindows /Reboot
if $MsVersion$ >= "6"
if GetProductProperty("samba_domain","true") = "true"
Registry_samba_domain_settings /sysnative
DosInAnIcon_restart_lanman winst /sysnative
endif
endif
if $method$ = "netdom.exe"
if ($AccountOU$ = "")
comment "Using netdom.exe to join domain"
DosInAnIcon_join_domain_netdom winst /sysnative
else
comment "Using netdom.exe to join domain, ou: " + $AccountOU$
DosInAnIcon_join_domain_ou_netdom winst /sysnative
endif
set $exitcode$ = getLastExitcode
endif
if $method$ = "powershell"
set $exitcode$ = "0"
;DosInAnIcon_setpolicy /sysnative
DosInAnIcon_setpolicy
set $exitcode$ = getLastExitcode
set $exitcode$ = "0"
if ($AccountOU$ = "")
;set $list$ = getOutStreamFromSection ('ExecWith_powershell "%System%\WindowsPowerShell\v1.0\powershell.exe" winst /sysnative')
set $list$ = getOutStreamFromSection ('ExecWith_powershell powershell.exe')
else
;set $list$ = getOutStreamFromSection ('ExecWith_powershell_ou "%System%\WindowsPowerShell\v1.0\powershell.exe" winst /sysnative')
set $list$ = getOutStreamFromSection ('ExecWith_powershell_ou powershell.exe')
set $exitcode$ = getLastExitcode
if not ($exitcode$ = "0")
comment "join via powershell with ou failed - retry with without ou"
set $list$ = getOutStreamFromSection ('ExecWith_powershell powershell.exe')
endif
endif
set $exitcode$ = getLastExitcode
;PatchTextFile_Create_powershell "c:\opsi.org\tmp\joinpatched.ps1"
;DosInAnIcon_JoinDom
if not ($exitcode$ = "0")
comment "join via powershell failed - retry with wmic"
set $method$ = "wmic"
endif
endif
if $method$ = "wmic"
if ($AccountOU$ = "")
comment "Using wmi to join domain"
DosInAnIcon_join_domain_wmic winst /sysnative
else
comment "Using wmi to join domain, ou: " + $AccountOU$
DosInAnIcon_join_domain_ou_wmic winst /sysnative
endif
endif
if ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "false" )
LogError "Failed to join domain"
isFatalError
endif
if NOT ($primarywinsserver$ = "")
if ($secondarywinsserver$ = "")
Set $secondarywinsserver$ = $primarywinsserver$
endif
DosInAnIcon_setwinsserver winst /sysnative
endif
comment "Setting default logon domain"
Registry_patch_default_domain /sysnative
;[PatchTextFile_Create_powershell]
;AddLine "$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force"
;AddLine "$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)"
;AddLine "add-computer -domainname $Domain$ -credential $mycreds -PassThru"
;SaveToFile "c:\opsi.org\tmp\joinpatched.ps1"
;[DosInAnIcon_JoinDom]
;echo "domjoin with powershell ..."
;rem powershell set-executionpolicy RemoteSigned
;powershell "c:\opsi.org\tmp\joinpatched.ps1"
;exit %ERRORLEVEL%
;rem del "c:\opsi.org\tmp\joinpatched.ps1"
[DosInAnIcon_setpolicy]
echo "powershell set-executionpolicy RemoteSigned ..."
powershell.exe set-executionpolicy RemoteSigned
exit %ERRORLEVEL%
[ExecWith_powershell]
$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)
add-computer -domainname $Domain$ -credential $mycreds -PassThru
if ($?) {Exit(0)}
else {Exit(1)}
[ExecWith_powershell_ou]
$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)
add-computer -domainname $Domain$ -credential $mycreds -OUPath "$AccountOU$" -PassThru
if ($?) {Exit(0)}
else {Exit(1)}
[Files_cleanup]
del "c:\opsi.org\tmp\*.ps1"
[DosInAnIcon_disconnect]
net use /delete * /yes
exit %ERRORLEVEL%
[Files_copy_netdom]
copy "$netdompath$\netdom.exe" "%System%\"
[DosInAnIcon_unjoin_domain]
wmic /interactive:off computersystem where name!=null call unjoindomainorworkgroup
exit %ERRORLEVEL%
[DosInAnIcon_unjoin_domain_netdom]
"%System%\netdom.exe" remove %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Username$ /PasswordD:$Password$
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_netdom]
"%System%\netdom.exe" join %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Domain$\$Username$ /PasswordD:$Password$
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_ou_netdom]
"%System%\netdom.exe" join %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Username$ /PasswordD:$Password$ /OU:"$AccountOU$"
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_wmic]
wmic /interactive:off computersystem where name!=null call JoinDomainOrWorkgroup "",3,"$Domain$","$Password$","$Username$"
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_ou_wmic]
wmic /interactive:off computersystem where name!=null call JoinDomainOrWorkgroup "$AccountOU$",3,"$Domain$","$Password$","$Username$"
exit %ERRORLEVEL%
;wmic /interactive:off computersystem Where name!=null call JoinDomainOrWorkgroup AccountOU="$AccountOU$" FJoinOptions=3 Name="$Domain$" Password="$Password$" UserName="$Username$"
[DosInAnIcon_get_partofdomain]
@echo off
wmic computersystem get partofdomain
[Registry_patch_default_domain]
openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
set "DefaultDomainName" = "$Domain$"
set "AltDefaultDomainName" = "$Domain$"
set "CachePrimaryDomain" = "$Domain$"
[Registry_samba_domain_settings]
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
set "DomainCompatibilityMode" = reg_dword:1
set "DNSNameResolutionRequired" = reg_dword:0
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
set "RequireSignOrSeal" = reg_dword:1
set "RequireStrongKey" = reg_dword:1
[DosInAnIcon_restart_lanman]
net stop computerbrowser /yes
net stop LanmanWorkstation /yes
net start LanmanWorkstation
net start computerbrowser
[DosInAnIcon_setwinsserver]
wmic nicconfig where "IPenabled=TRUE" call SetWINSServer "$primarywinsserver$","$secondarywinsserver$"
exit %ERRORLEVEL%
[setwinsserver_examples]
C:\Dokumente und Einstellungen\Administrator>wmic nicconfig where "IPenabled=TRU
E" call SetWINSServer 192.168.12.60
(\\EVB\ROOT\CIMV2:Win32_NetworkAdapterConfiguration.Index=1)->SetWINSServer() wi
rd ausgeführt
Methode wurde ausgeführt.
Ausgabeparameter:
instance of __PARAMETERS
{
ReturnValue = 68;
};
C:\Dokumente und Einstellungen\Administrator>wmic nicconfig where "IPenabled=TRU
E" call SetWINSServer "192.168.1.14","192.168.12.60"
(\\EVB\ROOT\CIMV2:Win32_NetworkAdapterConfiguration.Index=1)->SetWINSServer() wi
rd ausgeführt
Methode wurde ausgeführt.
Ausgabeparameter:
instance of __PARAMETERS
{
ReturnValue = 0;
};
C:\Dokumente und Einstellungen\Administrator>
ich weis nicht was ich noch Konfigurieren soll
Mit freundlichem Gruß Vladislav
Ich habe mal wieder stress mit opsi
wir hatten ein windomain.opsi packet welches den gewünschten Rechner in die Firmendomain hinzugefügt hatte.
Jetzt ist diese Packet abhanden gekommen und ich müsste ein neues konfigurieren. Ich komme aber nicht ganz mit dieer klar.
; Copyright (c) uib gmbh (www.uib.de)
; This sourcecode is owned by uib
; and published under the Terms of the General Public License.
; credits: http://www.opsi.org/credits/
[actions]
requiredWinstVersion >= "4.11.3.6"
ScriptErrorMessages = false
DefVar $Domain$
DefVar $Username$
DefVar $Password$
DefVar $AccountOU$
DefVar $UseNetdom$
DefVar $primarywinsserver$
DefVar $secondarywinsserver$
DefVar $MsVersion$
DefVar $OSArch$
DefVar $method$
DefVar $netdompath$
DefVar $exitcode$
DefStringlist $list$
Set $MsVersion$ = GetMsVersionInfo
set $OSArch$ = GetSystemType
Set $Domain$ = GetProductProperty("domain","meineDomain.local")
Set $Username$ = GetProductProperty("username","administrator")
Set $Password$ = GetProductProperty("password","1234")
Set $AccountOU$ = GetProductProperty("account_ou","administrator")
Set $AccountOU$ = ComposeString(SplitString($AccountOU$, ','), ';')
Set $method$ = GetProductProperty("method","unknown")
Set $primarywinsserver$ = GetProductProperty("primarywinsserver","192.168.100.1")
Set $secondarywinsserver$ = GetProductProperty("secondarywinsserver","192.168.100.1")
ShowBitmap "%ScriptPath%\winconfig.png" "Joining domain " + $Domain$
Message "Perparing to join"
if $method$ = "auto"
comment "we are in auto mode - let us decide which method to use"
if $MsVersion$ < "6"
comment "on NT5 we switch to method netdom"
set $method$ = "netdom.exe"
else
comment "on NT6 we start with powershell and if this fails we use wmic"
set $method$ = "powershell"
endif
endif
if $method$ = "netdom.exe"
if $MsVersion$ >= "6"
if $OSArch$ = "64 Bit System"
set $netdompath$ = "%ScriptPath%\nt6x64"
else
set $netdompath$ = "%ScriptPath%\nt6x32"
endif
Files_copy_netdom /Sysnative
else
set $netdompath$ = "%ScriptPath%"
Files_copy_netdom
endif
endif
if ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "true" )
Message "Unjoining domain"
comment "Disconnecting shares to avoid multiple connections to the same server with different usernames"
DosInAnIcon_disconnect winst /sysnative
if $method$ = "netdom.exe"
DosInAnIcon_unjoin_domain_netdom winst /sysnative
endif
DosInAnIcon_unjoin_domain winst /sysnative
if not ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "false" )
LogError "Failed to unjoin domain"
isFatalError
endif
ExitWindows /ImmediateReboot
endif
Message "Joining domain"
comment "Disconnecting shares to avoid multiple connections to the same server with different usernames"
DosInAnIcon_disconnect winst /sysnative
ExitWindows /Reboot
if $MsVersion$ >= "6"
if GetProductProperty("samba_domain","true") = "true"
Registry_samba_domain_settings /sysnative
DosInAnIcon_restart_lanman winst /sysnative
endif
endif
if $method$ = "netdom.exe"
if ($AccountOU$ = "")
comment "Using netdom.exe to join domain"
DosInAnIcon_join_domain_netdom winst /sysnative
else
comment "Using netdom.exe to join domain, ou: " + $AccountOU$
DosInAnIcon_join_domain_ou_netdom winst /sysnative
endif
set $exitcode$ = getLastExitcode
endif
if $method$ = "powershell"
set $exitcode$ = "0"
;DosInAnIcon_setpolicy /sysnative
DosInAnIcon_setpolicy
set $exitcode$ = getLastExitcode
set $exitcode$ = "0"
if ($AccountOU$ = "")
;set $list$ = getOutStreamFromSection ('ExecWith_powershell "%System%\WindowsPowerShell\v1.0\powershell.exe" winst /sysnative')
set $list$ = getOutStreamFromSection ('ExecWith_powershell powershell.exe')
else
;set $list$ = getOutStreamFromSection ('ExecWith_powershell_ou "%System%\WindowsPowerShell\v1.0\powershell.exe" winst /sysnative')
set $list$ = getOutStreamFromSection ('ExecWith_powershell_ou powershell.exe')
set $exitcode$ = getLastExitcode
if not ($exitcode$ = "0")
comment "join via powershell with ou failed - retry with without ou"
set $list$ = getOutStreamFromSection ('ExecWith_powershell powershell.exe')
endif
endif
set $exitcode$ = getLastExitcode
;PatchTextFile_Create_powershell "c:\opsi.org\tmp\joinpatched.ps1"
;DosInAnIcon_JoinDom
if not ($exitcode$ = "0")
comment "join via powershell failed - retry with wmic"
set $method$ = "wmic"
endif
endif
if $method$ = "wmic"
if ($AccountOU$ = "")
comment "Using wmi to join domain"
DosInAnIcon_join_domain_wmic winst /sysnative
else
comment "Using wmi to join domain, ou: " + $AccountOU$
DosInAnIcon_join_domain_ou_wmic winst /sysnative
endif
endif
if ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "false" )
LogError "Failed to join domain"
isFatalError
endif
if NOT ($primarywinsserver$ = "")
if ($secondarywinsserver$ = "")
Set $secondarywinsserver$ = $primarywinsserver$
endif
DosInAnIcon_setwinsserver winst /sysnative
endif
comment "Setting default logon domain"
Registry_patch_default_domain /sysnative
;[PatchTextFile_Create_powershell]
;AddLine "$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force"
;AddLine "$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)"
;AddLine "add-computer -domainname $Domain$ -credential $mycreds -PassThru"
;SaveToFile "c:\opsi.org\tmp\joinpatched.ps1"
;[DosInAnIcon_JoinDom]
;echo "domjoin with powershell ..."
;rem powershell set-executionpolicy RemoteSigned
;powershell "c:\opsi.org\tmp\joinpatched.ps1"
;exit %ERRORLEVEL%
;rem del "c:\opsi.org\tmp\joinpatched.ps1"
[DosInAnIcon_setpolicy]
echo "powershell set-executionpolicy RemoteSigned ..."
powershell.exe set-executionpolicy RemoteSigned
exit %ERRORLEVEL%
[ExecWith_powershell]
$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)
add-computer -domainname $Domain$ -credential $mycreds -PassThru
if ($?) {Exit(0)}
else {Exit(1)}
[ExecWith_powershell_ou]
$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)
add-computer -domainname $Domain$ -credential $mycreds -OUPath "$AccountOU$" -PassThru
if ($?) {Exit(0)}
else {Exit(1)}
[Files_cleanup]
del "c:\opsi.org\tmp\*.ps1"
[DosInAnIcon_disconnect]
net use /delete * /yes
exit %ERRORLEVEL%
[Files_copy_netdom]
copy "$netdompath$\netdom.exe" "%System%\"
[DosInAnIcon_unjoin_domain]
wmic /interactive:off computersystem where name!=null call unjoindomainorworkgroup
exit %ERRORLEVEL%
[DosInAnIcon_unjoin_domain_netdom]
"%System%\netdom.exe" remove %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Username$ /PasswordD:$Password$
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_netdom]
"%System%\netdom.exe" join %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Domain$\$Username$ /PasswordD:$Password$
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_ou_netdom]
"%System%\netdom.exe" join %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Username$ /PasswordD:$Password$ /OU:"$AccountOU$"
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_wmic]
wmic /interactive:off computersystem where name!=null call JoinDomainOrWorkgroup "",3,"$Domain$","$Password$","$Username$"
exit %ERRORLEVEL%
[DosInAnIcon_join_domain_ou_wmic]
wmic /interactive:off computersystem where name!=null call JoinDomainOrWorkgroup "$AccountOU$",3,"$Domain$","$Password$","$Username$"
exit %ERRORLEVEL%
;wmic /interactive:off computersystem Where name!=null call JoinDomainOrWorkgroup AccountOU="$AccountOU$" FJoinOptions=3 Name="$Domain$" Password="$Password$" UserName="$Username$"
[DosInAnIcon_get_partofdomain]
@echo off
wmic computersystem get partofdomain
[Registry_patch_default_domain]
openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
set "DefaultDomainName" = "$Domain$"
set "AltDefaultDomainName" = "$Domain$"
set "CachePrimaryDomain" = "$Domain$"
[Registry_samba_domain_settings]
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
set "DomainCompatibilityMode" = reg_dword:1
set "DNSNameResolutionRequired" = reg_dword:0
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
set "RequireSignOrSeal" = reg_dword:1
set "RequireStrongKey" = reg_dword:1
[DosInAnIcon_restart_lanman]
net stop computerbrowser /yes
net stop LanmanWorkstation /yes
net start LanmanWorkstation
net start computerbrowser
[DosInAnIcon_setwinsserver]
wmic nicconfig where "IPenabled=TRUE" call SetWINSServer "$primarywinsserver$","$secondarywinsserver$"
exit %ERRORLEVEL%
[setwinsserver_examples]
C:\Dokumente und Einstellungen\Administrator>wmic nicconfig where "IPenabled=TRU
E" call SetWINSServer 192.168.12.60
(\\EVB\ROOT\CIMV2:Win32_NetworkAdapterConfiguration.Index=1)->SetWINSServer() wi
rd ausgeführt
Methode wurde ausgeführt.
Ausgabeparameter:
instance of __PARAMETERS
{
ReturnValue = 68;
};
C:\Dokumente und Einstellungen\Administrator>wmic nicconfig where "IPenabled=TRU
E" call SetWINSServer "192.168.1.14","192.168.12.60"
(\\EVB\ROOT\CIMV2:Win32_NetworkAdapterConfiguration.Index=1)->SetWINSServer() wi
rd ausgeführt
Methode wurde ausgeführt.
Ausgabeparameter:
instance of __PARAMETERS
{
ReturnValue = 0;
};
C:\Dokumente und Einstellungen\Administrator>
ich weis nicht was ich noch Konfigurieren soll
Mit freundlichem Gruß Vladislav
Please also mark the comments that contributed to the solution of the article
Content-ID: 265011
Url: https://administrator.de/contentid/265011
Printed on: October 7, 2024 at 01:10 o'clock