Categories
ConfigMgr

ConfigMgr : Task Sequence Domain Join Fail

Had an issue with some builds today where the mahcines appeared to Domain Join during T/S but the bombed-out on the Enable Bitlocker stage as they wer eunable to store the Recovery Key data in the Directory service… because they were not Domain Joined! To cut a long story short, SCCM and the Domain Join functionality cannot function in the event that the computer account already exists, in another Organizational Unit. This is a limitation in Windows Setup, not the SCCM Task Sequence.

We use a custom HTA to collect OU locations, machine names etc so I extended it with the function below to perform a comparision of the TS MachineObjectOU variable value, and the existing account distinguishedName value – using the MDT Web Service produced by Maik Koster.

 

{code lang:xml showtitle:false lines:false hidden:false}Dim existingOU ‘used to store existing computer DN
SET env = CreateObject(“Microsoft.SMS.TSEnvironment”)

Set HTTP = CreateObject(“MSXML2.XMLHTTP.3.0”)
Set xmlDoc = CreateObject(“Microsoft.XMLDOM”)
xmlDOC.Async=False

GetComputerDN strDomain, strComputer

If (env(“MachineObjectOU”) = existingOU) Then ‘check target/existing OU’s match – if not TS would fail
         loadTSVars
     ShowTSWindow
    self.close
     Else
        msgbox “Machine account exists in a different OU:” & vbCrlf & existingOU & vbCrlf & vbCrlf & “Please move/delete this computer object and wait for replication.”
     End If

End If

Function GetComputerDN(strDomain,strComputer) ‘finds existing computer account DN, so that we can compare selected OU vs existing. Must match or TS will fail.
On Error Resume Next
HTTP.Open “GET”,”http://webservice/adex.asmx/GetComputerAttribute?Domain=” & strDomain & “&Computername=” & strComputer & “&Attribute=distinguishedName”, False
HTTP.Send()
If Err.Number <> 0 Then
RegisterError(Err.Description)
Else
If xmlDoc.load(HTTP.responseXML) = False Then
RegisterError(“Error Loading Web Service Content: ” + xmlDoc.parseError.reason)
Else
xmlDoc.setProperty “SelectionNamespaces”, “xmlns:mk=’http://maikkoster.com/Deployment'”
     existingOU = xmlDoc.SelectSingleNode(“string”).Text
     existingOU = REPLACE(existingOU,”CN=” & strComputer & “,”,””)
    End If
End If
End Function{/code}

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *