Opsi windomain konfigurieren

vladislav
Goto Top
Guten Tag an Alle Administratoren,

Ich habe mal wieder stress mit opsi
wir hatten ein windomain.opsi packet welches den gewünschten Rechner in die Firmendomain hinzugefügt hatte.
Jetzt ist diese Packet abhanden gekommen und ich müsste ein neues konfigurieren. Ich komme aber nicht ganz mit dieer klar.

; Copyright (c) uib gmbh (www.uib.de)
; This sourcecode is owned by uib
; and published under the Terms of the General Public License.
; credits: http://www.opsi.org/credits/

[actions]
requiredWinstVersion >= "4.11.3.6"
ScriptErrorMessages = false

DefVar $Domain$
DefVar $Username$
DefVar $Password$
DefVar $AccountOU$
DefVar $UseNetdom$
DefVar $primarywinsserver$
DefVar $secondarywinsserver$
DefVar $MsVersion$
DefVar $OSArch$
DefVar $method$
DefVar $netdompath$
DefVar $exitcode$
DefStringlist $list$

Set $MsVersion$ = GetMsVersionInfo
set $OSArch$ = GetSystemType
Set $Domain$ = GetProductProperty("domain","meineDomain.local")
Set $Username$ = GetProductProperty("username","administrator")
Set $Password$ = GetProductProperty("password","1234")
Set $AccountOU$ = GetProductProperty("account_ou","administrator")
Set $AccountOU$ = ComposeString(SplitString($AccountOU$, ','), ';')
Set $method$ = GetProductProperty("method","unknown")
Set $primarywinsserver$ = GetProductProperty("primarywinsserver","192.168.100.1")
Set $secondarywinsserver$ = GetProductProperty("secondarywinsserver","192.168.100.1")

ShowBitmap "%ScriptPath%\winconfig.png" "Joining domain " + $Domain$

Message "Perparing to join"

if $method$ = "auto"
comment "we are in auto mode - let us decide which method to use"
if $MsVersion$ < "6"
comment "on NT5 we switch to method netdom"
set $method$ = "netdom.exe"
else
comment "on NT6 we start with powershell and if this fails we use wmic"
set $method$ = "powershell"
endif
endif

if $method$ = "netdom.exe"
if $MsVersion$ >= "6"
if $OSArch$ = "64 Bit System"
set $netdompath$ = "%ScriptPath%\nt6x64"
else
set $netdompath$ = "%ScriptPath%\nt6x32"
endif
Files_copy_netdom /Sysnative
else
set $netdompath$ = "%ScriptPath%"
Files_copy_netdom
endif
endif


if ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "true" )
Message "Unjoining domain"

comment "Disconnecting shares to avoid multiple connections to the same server with different usernames"
DosInAnIcon_disconnect winst /sysnative

if $method$ = "netdom.exe"
DosInAnIcon_unjoin_domain_netdom winst /sysnative
endif
DosInAnIcon_unjoin_domain winst /sysnative

if not ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "false" )
LogError "Failed to unjoin domain"
isFatalError
endif
ExitWindows /ImmediateReboot
endif

Message "Joining domain"

comment "Disconnecting shares to avoid multiple connections to the same server with different usernames"
DosInAnIcon_disconnect winst /sysnative
ExitWindows /Reboot

if $MsVersion$ >= "6"
if GetProductProperty("samba_domain","true") = "true"
Registry_samba_domain_settings /sysnative
DosInAnIcon_restart_lanman winst /sysnative
endif
endif

if $method$ = "netdom.exe"
if ($AccountOU$ = "")
comment "Using netdom.exe to join domain"
DosInAnIcon_join_domain_netdom winst /sysnative
else
comment "Using netdom.exe to join domain, ou: " + $AccountOU$
DosInAnIcon_join_domain_ou_netdom winst /sysnative
endif
set $exitcode$ = getLastExitcode
endif

if $method$ = "powershell"
set $exitcode$ = "0"
;DosInAnIcon_setpolicy /sysnative
DosInAnIcon_setpolicy
set $exitcode$ = getLastExitcode
set $exitcode$ = "0"
if ($AccountOU$ = "")
;set $list$ = getOutStreamFromSection ('ExecWith_powershell "%System%\WindowsPowerShell\v1.0\powershell.exe" winst /sysnative')
set $list$ = getOutStreamFromSection ('ExecWith_powershell powershell.exe')
else
;set $list$ = getOutStreamFromSection ('ExecWith_powershell_ou "%System%\WindowsPowerShell\v1.0\powershell.exe" winst /sysnative')
set $list$ = getOutStreamFromSection ('ExecWith_powershell_ou powershell.exe')
set $exitcode$ = getLastExitcode
if not ($exitcode$ = "0")
comment "join via powershell with ou failed - retry with without ou"
set $list$ = getOutStreamFromSection ('ExecWith_powershell powershell.exe')
endif
endif
set $exitcode$ = getLastExitcode
;PatchTextFile_Create_powershell "c:\opsi.org\tmp\joinpatched.ps1"
;DosInAnIcon_JoinDom
if not ($exitcode$ = "0")
comment "join via powershell failed - retry with wmic"
set $method$ = "wmic"
endif
endif

if $method$ = "wmic"
if ($AccountOU$ = "")
comment "Using wmi to join domain"
DosInAnIcon_join_domain_wmic winst /sysnative
else
comment "Using wmi to join domain, ou: " + $AccountOU$
DosInAnIcon_join_domain_ou_wmic winst /sysnative
endif
endif


if ( lower(trim(takeString(2, getOutStreamFromSection('DosInAnIcon_get_partofdomain')))) = "false" )
LogError "Failed to join domain"
isFatalError
endif

if NOT ($primarywinsserver$ = "")
if ($secondarywinsserver$ = "")
Set $secondarywinsserver$ = $primarywinsserver$
endif
DosInAnIcon_setwinsserver winst /sysnative
endif

comment "Setting default logon domain"
Registry_patch_default_domain /sysnative

;[PatchTextFile_Create_powershell]
;AddLine "$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force"
;AddLine "$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)"
;AddLine "add-computer -domainname $Domain$ -credential $mycreds -PassThru"
;SaveToFile "c:\opsi.org\tmp\joinpatched.ps1"

;[DosInAnIcon_JoinDom]
;echo "domjoin with powershell ..."
;rem powershell set-executionpolicy RemoteSigned
;powershell "c:\opsi.org\tmp\joinpatched.ps1"
;exit %ERRORLEVEL%
;rem del "c:\opsi.org\tmp\joinpatched.ps1"

[DosInAnIcon_setpolicy]
echo "powershell set-executionpolicy RemoteSigned ..."
powershell.exe set-executionpolicy RemoteSigned
exit %ERRORLEVEL%

[ExecWith_powershell]
$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)
add-computer -domainname $Domain$ -credential $mycreds -PassThru
if ($?) {Exit(0)}
else {Exit(1)}

[ExecWith_powershell_ou]
$secpasswd = ConvertTo-SecureString '$Password$' -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ('$Domain$\$Username$', $secpasswd)
add-computer -domainname $Domain$ -credential $mycreds -OUPath "$AccountOU$" -PassThru
if ($?) {Exit(0)}
else {Exit(1)}

[Files_cleanup]
del "c:\opsi.org\tmp\*.ps1"

[DosInAnIcon_disconnect]
net use /delete * /yes
exit %ERRORLEVEL%

[Files_copy_netdom]
copy "$netdompath$\netdom.exe" "%System%\"

[DosInAnIcon_unjoin_domain]
wmic /interactive:off computersystem where name!=null call unjoindomainorworkgroup
exit %ERRORLEVEL%

[DosInAnIcon_unjoin_domain_netdom]
"%System%\netdom.exe" remove %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Username$ /PasswordD:$Password$
exit %ERRORLEVEL%

[DosInAnIcon_join_domain_netdom]
"%System%\netdom.exe" join %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Domain$\$Username$ /PasswordD:$Password$
exit %ERRORLEVEL%

[DosInAnIcon_join_domain_ou_netdom]
"%System%\netdom.exe" join %PCNAME% /Verbose /Domain:$Domain$ /Userd:$Username$ /PasswordD:$Password$ /OU:"$AccountOU$"
exit %ERRORLEVEL%

[DosInAnIcon_join_domain_wmic]
wmic /interactive:off computersystem where name!=null call JoinDomainOrWorkgroup "",3,"$Domain$","$Password$","$Username$"
exit %ERRORLEVEL%

[DosInAnIcon_join_domain_ou_wmic]
wmic /interactive:off computersystem where name!=null call JoinDomainOrWorkgroup "$AccountOU$",3,"$Domain$","$Password$","$Username$"
exit %ERRORLEVEL%
;wmic /interactive:off computersystem Where name!=null call JoinDomainOrWorkgroup AccountOU="$AccountOU$" FJoinOptions=3 Name="$Domain$" Password="$Password$" UserName="$Username$"

[DosInAnIcon_get_partofdomain]
@echo off
wmic computersystem get partofdomain

[Registry_patch_default_domain]
openkey [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
set "DefaultDomainName" = "$Domain$"
set "AltDefaultDomainName" = "$Domain$"
set "CachePrimaryDomain" = "$Domain$"

[Registry_samba_domain_settings]
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
set "DomainCompatibilityMode" = reg_dword:1
set "DNSNameResolutionRequired" = reg_dword:0

openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
set "RequireSignOrSeal" = reg_dword:1
set "RequireStrongKey" = reg_dword:1

[DosInAnIcon_restart_lanman]
net stop computerbrowser /yes
net stop LanmanWorkstation /yes
net start LanmanWorkstation
net start computerbrowser


[DosInAnIcon_setwinsserver]
wmic nicconfig where "IPenabled=TRUE" call SetWINSServer "$primarywinsserver$","$secondarywinsserver$"
exit %ERRORLEVEL%

[setwinsserver_examples]
C:\Dokumente und Einstellungen\Administrator>wmic nicconfig where "IPenabled=TRU
E" call SetWINSServer 192.168.12.60
(\\EVB\ROOT\CIMV2:Win32_NetworkAdapterConfiguration.Index=1)->SetWINSServer() wi
rd ausgeführt
Methode wurde ausgeführt.
Ausgabeparameter:
instance of __PARAMETERS
{
ReturnValue = 68;
};


C:\Dokumente und Einstellungen\Administrator>wmic nicconfig where "IPenabled=TRU
E" call SetWINSServer "192.168.1.14","192.168.12.60"
(\\EVB\ROOT\CIMV2:Win32_NetworkAdapterConfiguration.Index=1)->SetWINSServer() wi
rd ausgeführt
Methode wurde ausgeführt.
Ausgabeparameter:
instance of __PARAMETERS
{
ReturnValue = 0;
};


C:\Dokumente und Einstellungen\Administrator>


ich weis nicht was ich noch Konfigurieren soll


Mit freundlichem Gruß Vladislav

Content-Key: 265011

Url: https://administrator.de/contentid/265011

Ausgedruckt am: 01.07.2022 um 12:07 Uhr