Joining Windows 7 to a Domain using the unattend.xml and Mini-setup

by Ron Oglesby on Tue, May 3, 2011 at 3:34 PM 1 comment, 7427 views

Windows 7 desktops that are created by Unidesk make use of Microsoft’s mini-setup to configure the new “unique” Windows desktop during thier first build. Microsoft's mini-setup can be automated by use of an unattended.xml file that is created by the administrator. These files can be created using the MS Windows Automated Installation KIT (AIK) or built by hand if you happen to have all the parts you need.

Often Unidesk customers will just take our sample Unattend.xml and add or remove lines manually to change the installation (these samples are in the software download in the Windows directory). One of the confusing things for some users is how to edit the XML to join the domain during the mini-setup process. So… I figured we could lead a horse to water :-)

The example below uses my domain (Oglesby.local) and an OU named “VDI". It should be mentioned that if you do not specify an OU, the computer accounts will simply be placed in the Computer’s container in the root of the target domain.

First you should find the “specialize” section in the unattended.xml by locating:

 <settings pass="specialize">

In this section you want to add the component for an unattended domain join:

<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <Identification>
                <Credentials>
                    <Domain>Oglesby.local</Domain>
                    <Password>DomainPassword</Password>
                    <Username>D omainUserWithRightsToAddComputerAcct</Username>
                </Credentials>
                <JoinDomain>Oglesby.local</JoinDomain>
                <MachineObjectOU>OU=VDI,DC=oglesby,DC=local </MachineObjectOU>
                <UnsecureJoin>False</UnsecureJoin>
            </Identification>
        </component>

You should obviously replace the domain info and make sure you have the distinguished name (OU=, DC=,DC=) set correctly. But, with this added to the proper section and your DNS/networking functions working, your machines will be added to the domain during the mini-setup process, receive a domain SID, and begin participating in domain functions (GPOs, authentication, etc) immediately.

To download the Windows AIK to build these XMLs, get it direct from MS.

This is a decent article on the process of syspre/unattended.XML

This is an even better article on Unattended XML creation (no need to Sysprep a Unidesk desktop)

Finally, a video on the unattended file creation (shows the WAIK interface)

 

 

Posted in Ron’s Politically Incorrect VDI Blog
Tagged virtual desktop management

Comments

Posted on January 8, 2012
Christoph Cathrein
Registered user
Joined: February 4, 2011
Points: 45

Ron, thanks for this Wrap-Up.
I think it helps me a lot...
cheers
Christoph

Post new comment

The content of this field is kept private and will not be shown publicly.