$credlocal = get-credentialWhere machines.csv is a CSV file with Hostname/IP pairs and a header row. It prompts for credentials twice, once for the local/built-in admin, then one with domain-join permission
$creddomain = get-credential
$machinelist = import-csv c:\temp\machines.csv
foreach($line in $machinelist)
{
add-computer -computername $line.IP -localcredential $credlocal -domain my.domain -domaincredential $creddomain -Newname $line.Hostname -restart
}
However, when I actually tried to run this I got the following error.
add-computer : Cannot establish the WMI connection to the computer 'xxx.xxx.xxx.xxx' with the following errormessage: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
This error was pretty simple, because these machines are not domain joined, the $c/$admin/etc shares are not enabled. You can enable the pretty simply see here:At C:\temp\renamecomputer.ps1:8 char:5+ add-computer -newname $line.Hostname -computername $line.IP -localcredent ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo : OperationStopped: (xxx.xxx.xxx.xxx:String) [Rename-Computer], InvalidOperationException+ FullyQualifiedErrorId : RenameComputerException,Microsoft.PowerShell.Commands.RenameComputerCommand
http://everydaynerd.com/how-to/fix/windows-7-enable-admin-share
After that though, I was getting:
This error turned out to be less straight-forward to fix. The short version is, you have to allow RPC calls through the firewall (something AD does automatically, either by design or by settings that have been in our domain long before I started working here) which isn't really easy because of Asynchronous callback. Basically, all incoming RPC calls go to port 135, no problem, you can open that. But so that calls don't tie up that port, all the first request returns is a new port for all future calls to come in on - this is more problematic because this appears to be ANY non-standard port; you can't very well open the firewall to all ports about 5000. Also, all of the remote-management rules that are in advfirewall (disabled) don't see to have any effect on this problem. Luckily after some digging, I found you can use program-based firewall rules to get things going.add-computer : Cannot establish the WMI connection to the computer 'xxx.xxx.xxx.xxx' with the following errormessage: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA).At C:\temp\renamecomputer.ps1:8 char:5+ add-computer -newname $line.Hostname -computername $line.IP -localcredent ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo : OperationStopped: (xxx.xxx.xxx.xxx:String) [Rename-Computer], InvalidOperationException+ FullyQualifiedErrorId : RenameComputerException,Microsoft.PowerShell.Commands.RenameComputerCommand
This is article is for windows 8.1 embeded, so step #2 doesn't work on win 7, but everything else seems to run. Also, step #1 is the same reg key created from the last link.
http://msdn.microsoft.com/en-us/library/jj980508(v=winembedded.81).aspx
I re-ran the command after each step, mine started working after step 5, so I think that's the key rule, but the others don't seem to hurt. Of course, this is something that has to be in the master image, so now I have reclone about 50 VMs but hey, testing things like this before the cloning is overrated.
No comments:
Post a Comment