Главная страница Случайная страница
КАТЕГОРИИ:
АвтомобилиАстрономияБиологияГеографияДом и садДругие языкиДругоеИнформатикаИсторияКультураЛитератураЛогикаМатематикаМедицинаМеталлургияМеханикаОбразованиеОхрана трудаПедагогикаПолитикаПравоПсихологияРелигияРиторикаСоциологияСпортСтроительствоТехнологияТуризмФизикаФилософияФинансыХимияЧерчениеЭкологияЭкономикаЭлектроника
Sample script for RODC domain join
|
|
' JoinScript.vbs
'
' Script to join a computer to a domain.
'
'
'
sub Usage
wscript.echo " |------------------------------------------------|"
wscript.echo " | Joins a computer to a domain or workgroup |"
wscript.echo " |------------------------------------------------|"
wscript.echo " "
wscript.echo " Usage: "
wscript.echo " cscript JoinScript.vbs [/domain < domainname> | /workgroup < workgroupname> ]"
wscript.echo " [/unjoin] [user < username> ] [/password < password> ]"
wscript.echo " [/machinepassword < password> ] [/readonly] [/createaccount]"
wscript.echo " [/unsecure]"
wscript.echo " "
wscript.echo " domain Specifies the name of a domain to join"
wscript.echo " This option requires user, password"
wscript.echo " "
wscript.echo " workgroup Specifies the name of a workgroup to join"
wscript.echo " "
wscript.echo " unjoin Unjoin from a domain if currently joined."
wscript.echo " "
wscript.echo " disable Disable the account when unjoining the domain."
wscript.echo " This option requires unjoin, user, and password."
wscript.echo " "
wscript.echo " createaccount Specifies to create the computer account in AD"
wscript.echo " "
wscript.echo " machinepassword Specifies a password which is used to"
wscript.echo " authenticate as the machine account to the DC"
wscript.echo " "
wscript.echo " readonly Specifies the domain join will be read only"
wscript.echo " and will not require a writable DC. This option"
wscript.echo " requires machinepassword and that an Administrator"
wscript.echo " has pre-created the computer account and set a"
wscript.echo " password matching the machinepassword parameter."
wscript.echo " "
wscript.echo " DC Specifies a DC to use during domain join."
wscript.echo " If readonly is specified this is mandatory, otherwise optional."
wscript.echo " "
wscript.echo " OU Specifies an OU where the machine account is created, this is optional."
wscript.echo " "
wscript.echo " "
wscript.echo " Unsecure Specifies a an unsecure domain join."
wscript.echo " "
wscript.echo " |------------------------------------------------|"
wscript.echo " |Examples: Run 'cscript JoinScript.vbs < args> ' |"
wscript.echo " | < args>: Choose a scenario below |"
wscript.echo " | * Note lines have been wrapped for readability |"
wscript.echo " |------------------------------------------------|"
wscript.echo " "
wscript.echo " Join domain: /domain < domainname> /user < username> "
wscript.echo " /password < password> /createaccount"
wscript.echo " "
wscript.echo " Join domain with existing account: /domain < domainname> "
wscript.echo " /user < username> "
wscript.echo " /password < password> "
wscript.echo " "
wscript.echo " Unjoin from a domain: /unjoin /user < username> /password < password> "
wscript.echo " "
wscript.echo " "
wscript.echo " Read Only join domain: /domain < domainname> /machinepassword < password> "
wscript.echo " /dc < rodcname> /readonly"
wscript.echo " "
wscript.echo " Join workgroup: /workgroup < workgroupname> "
wscript.echo " "
wscript.echo " "
wscript.quit -1
end sub
'
' Get the command line arguments
'
Set Args = Wscript.Arguments
'Set ArgCount = Args.Count
' Validation and Usage
if Args.Count = 0 then
wscript.echo " Help Requested"
wscript.echo " "
Usage
end if
if Args.Count > 0 then
if Args(0) = " /? " or Args(0) = " -? " or Args(0) = " help" then
wscript.echo " Help Requested"
wscript.echo " "
Usage
end if
if Args.Count < 1 then
wscript.echo " Help Requested"
wscript.echo " "
Usage
end if
end if
' NetJoinDomain flags
Const NETSETUP_JOIN_DOMAIN = 1
Const NETSETUP_ACCT_CREATE = 2
Const NETSETUP_ACCT_DELETE = 4
Const NETSETUP_WIN9X_UPGRADE = 16
Const NETSETUP_DOMAIN_JOIN_IF_JOINED = 32
Const NETSETUP_JOIN_UNSECURE = 64
Const NETSETUP_MACHINE_PWD_PASSED = 128
Const NETSETUP_DEFER_SPN_SET = 256
Const NETSETUP_JOIN_READONLY = 2048
Const NETSETUP_INSTALL_INVOCATION = 262144
' Local state to track limited parameter validation
Options = 0
ReadOnly = 0
Unsecure = 0
JoinWorkgroup = 0
UnjoinDomain = 0
MachinePassword = 0
' Inputs for the join call
strDC = " "
strOU = " "
strDomainName = " "
strDomainNameAndDC = " "
strPassword = " "
strUserName = " "
' Collect parameters
ArgNum = 0
do while ArgNum < Args.Count
if Args(ArgNum) = " /domain" or Args(ArgNum) = " /Domain" then
strDomainName = Args(ArgNum+1)
Options = Options + NETSETUP_JOIN_DOMAIN
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /user" or Args(ArgNum) = " /User" then
strUserName = Args(ArgNum+1)
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /password" or Args(ArgNum) = " /Password" then
strPassword = Args(ArgNum+1)
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /machinepassword" or Args(ArgNum) = " /MachinePassword" then
strPassword = Args(ArgNum+1)
MachinePassword = 1
Options = Options + NETSETUP_MACHINE_PWD_PASSED
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /readonly" or Args(ArgNum) = " /ReadOnly" then
Options = Options + NETSETUP_JOIN_READONLY
ReadOnly = 1
end if
if Args(ArgNum) = " /unsecure" or Args(ArgNum) = " /Unsecure" then
Options = Options + NETSETUP_JOIN_UNSECURE
Unsecure = 1
end if
if Args(ArgNum) = " /workgroup" or Args(ArgNum) = " /WorkGroup" then
JoinWorkgroup = 1
strDomainName = Args(ArgNum+1)
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /dc" or Args(ArgNum) = " /DC" then
strDC = Args(ArgNum+1)
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /ou" or Args(ArgNum) = " /OU" then
strOU = Args(ArgNum+1)
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /unjoin" or Args(ArgNum) = " /Unjoin" then
UnjoinDomain = 1
ArgNum = ArgNum + 1
end if
if Args(ArgNum) = " /disable" or Args(ArgNum) = " /disable" then
Disable = 1
Options = Options + NETSETUP_ACCT_DELETE
end if
if Args(ArgNum) = " /createaccount" or Args(ArgNum) = " /CreateAccount" then
Options = Options + NETSETUP_ACCT_CREATE
end if
ArgNum = ArgNum + 1
loop
' Error reporting
if ReadOnly = 1 then
if MachinePassword = 0 then
wscript.echo " ReadOnly requires MachinePassword"
wscript.quit(-1)
end if
end if
if Disable = 1 and UnjoinDomain = 0 then
wscript.echo " Disable is only valid with the unjoin option"
wscript.quit(-1)
end if
' The username is optional and may need to be NULL when passed to the join API below
if strUserName = " " then optionAux = NULL else optionAux = strUserName
' The OU is optional and may need to be NULL when passed to the join API below
if strOU = " " then optionOU = NULL else optionOU = strOU
' Handle the case where this is a domain join and a DC was specified
if strDC = " " then strDomainNameAndDC = strDomainName else strDomainNameAndDC = strDomainName & " \" & strDC
wscript.echo strDomainNameAndDC
Set objNetwork = CreateObject(" WScript.Network")
strComputer = objNetwork.ComputerName
Set objComputer = GetObject(" winmgmts: {impersonationLevel=Impersonate}! \\" & strComputer & " \root\cimv2: Win32_ComputerSystem.Name='" & strComputer & " '")
'ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomainName, strPassword, strDomainName & " \" & strUserName, NULL, NETSETUP_JOIN_DOMAIN + NETSETUP_JOIN_READONLY + NETSETUP_MACHINE_PWD_PASSED)
' Perform the join/unjoin operation
if UnjoinDomain = 1 then
ReturnValue = objComputer.UnjoinDomainOrWorkGroup(strPassword, optionAux, Options)
else
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomainNameAndDC, strPassword, optionAux, optionOU, Options)
end if
' Report success messages
if ReturnValue = 0 then
if JoinWorkgroup = 1 then
wscript.echo " Welcome to the workgroup: " & strDomainName
wscript.quit(0)
end if
if UnjoinDomain = 1 then
wscript.echo " The machine was unjoined from the domain."
wscript.quit(0)
end if
if JoinWorkgroup = 0 then
wscript.echo " Welcome to the domain: " & strDomainName
wscript.quit(0)
end if
else
wscript.echo " Error: " & ReturnValue
end if