Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Cervantes Absent Member.
Absent Member.
2724 views

Rejoin domain after imaging

We would have a number of labs that we would periodically re-image with a hardware specific image for the lab. The image (Windows XP) is built without sysprep, and relies on Zenworks to rename the workstation from each machine's ZISD. This has worked fine in the past for us in an eDirectory environment, however we are now moving our machines to an AD environment.

I've been trying to carry out re-imaging as described above - the imaged PCs reboot, see the just imaged flag is set, and restore the machine info from ZISD. However they cannot log into the domain, saying that a machine account does not exist. However, on checking in AD Users and Computers, the machine account does exist.

Should Zenworks have reset the SID of the machine back to what's contained in the ZISD store - or is there a different SID that AD uses when trying to match up with a machine account?

To sum up the steps I carried out:

1. Joined master PC to domain, Zenworks agent is 10.3
2. Ran zac fsg -d on master PC
3. Take image of master PC
4. Ensure client PC is joined to domain (machine account exists), Zenworks agent is 10.3
5. Apply image of master PC to client PC
6. Reboot client PC, zenworks imaging box appears, renames workstation
7. When zenworks is finished, reboot - client can't log into domain

Is it even a feature of Zenworks that it can recreate the link between the workstation and its domain machine account? Or will I have to use some autologin functionality and netdom.exe scripting?

Thanks,
Mahon
Labels (2)
Tags (2)
0 Likes
3 Replies
chasb73 Absent Member.
Absent Member.

Re: Rejoin domain after imaging

Cervantes;1991242 wrote:
We would have a number of labs that we would periodically re-image with a hardware specific image for the lab. The image (Windows XP) is built without sysprep, and relies on Zenworks to rename the workstation from each machine's ZISD. This has worked fine in the past for us in an eDirectory environment, however we are now moving our machines to an AD environment.

I've been trying to carry out re-imaging as described above - the imaged PCs reboot, see the just imaged flag is set, and restore the machine info from ZISD. However they cannot log into the domain, saying that a machine account does not exist. However, on checking in AD Users and Computers, the machine account does exist.

Should Zenworks have reset the SID of the machine back to what's contained in the ZISD store - or is there a different SID that AD uses when trying to match up with a machine account?

To sum up the steps I carried out:

1. Joined master PC to domain, Zenworks agent is 10.3
2. Ran zac fsg -d on master PC
3. Take image of master PC
4. Ensure client PC is joined to domain (machine account exists), Zenworks agent is 10.3
5. Apply image of master PC to client PC
6. Reboot client PC, zenworks imaging box appears, renames workstation
7. When zenworks is finished, reboot - client can't log into domain

Is it even a feature of Zenworks that it can recreate the link between the workstation and its domain machine account? Or will I have to use some autologin functionality and netdom.exe scripting?

Thanks,
Mahon


Not an expert but we had to run a zenworks bundle at startup after reimaging to rejoin AD. We used netdom and just added a reg key as a flag that it had joined AD so it wouldn't try and rejoin again.

Can find script and post if needed?
0 Likes
Cervantes Absent Member.
Absent Member.

Re: Rejoin domain after imaging

chasb73;1991770 wrote:
Not an expert but we had to run a zenworks bundle at startup after reimaging to rejoin AD. We used netdom and just added a reg key as a flag that it had joined AD so it wouldn't try and rejoin again.

Can find script and post if needed?


Chasb73,

That would be very helpful if you could post that - does your bundle run without a user having to login? What I'm really looking for is an "Fire and forget" approach - once I've initiated an imaging session, the client machines will return to a usable state without any further intervention.

Thanks,
Mahon
0 Likes
Highlighted
chasb73 Absent Member.
Absent Member.

Re: Rejoin domain after imaging

Cervantes;1992110 wrote:
Chasb73,

That would be very helpful if you could post that - does your bundle run without a user having to login? What I'm really looking for is an "Fire and forget" approach - once I've initiated an imaging session, the client machines will return to a usable state without any further intervention.

Thanks,
Mahon


I created a Directive Bundle with this in launch:

Command: C:\Windows\netdom.exe

(Placed NETDOM.exe in the Windows Directory)

Command Line Parameters: JOIN %COMPUTERNAME% /Domain:******** /UserD:******* /PasswordD:******* /REBoot 30

I then had the bundle push out a REG Key that the bundle required NOT to exist to run, this is a safeguard to make sure the bundle doesn't run every boot

Cheers

Set the Relationship to all Workstations and set it to Distribute, install and Launch on Device Boot...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.