Active Directory + Win 7
We are experimenting with FOG at the moment, alongside our WDS+MDT installation to try and speed up things such as laptops.
FOG is working fine(ish) and is chugging along quite happily pulling/pushing images and renaming machines.
However, it is not joining them to the domain? I have seen references to netdom which to my knowledge is not in Win7 any more - so at present is FOG capable of this, and if so, where am I going wrong with it?
Cheers people! ;)
Ah! I've had exactly the same problem just today, although with Windows XP. My problem turned out to be PHP's "magic quotes" feature getting in the way:
Originally Posted by Homer
This might or might not be your problem - have you specified the full admin account name, e.g. "DOMAIN\administrator" rather than just "administrator", for the domain-join task?
The netdom stuff isn't required anymore, the service was rewritten so it will join the domain by itself.
This thread has most of the issues you'll encounter.
I think it is now down to me being a tool. How can I attempt to register the machine to the domain using FOG, manually? I think it is user/pass now but I cannot be sure, a quick Google turns error code 1326 up as a username/password fail. Magic quotes are off.
Windows 7 based client.
Are you sure you are using the password encryptor and the account you are using has permissions to add the computer object to AD?
Yup and Yup! The account we are using, we use with deployment from MDT to join machines to the domain.
You could try it with the domain administrator account just to test if it is a permissons thing.
...and if you look at the active directory settings on a per host basis it's all spelt correctly in the form domain\username? not domain\\username or domainusername?
Got it. Was the username, had no \ in it.
Working a treat now!
Does your installation put machines into different OU's depending on what group the host is in?
One niggly thing about FOG is that when you do the host registration you can't pick what group it goes into so it doesn't pick up the AD settings straight away.
The group functionailty is only used to modify settings on more than one host, the hosts will never inherit any settings from a group. If you add a new host into your group now, the AD settings will not be updated on that host, any snapins that were assigned to that group will not be assigned to that host etc.
I did put in a feature request the group function be changed to actually push settings onto new hosts in a group but that maybe too big a change to implement.
I just let them appear in the 'Computers' container and move them when the workstation is built, on a rebuild they'll be in the right place. So unless you rename things often or are setting up new computers you don't have to touch it.
I thought that was the case, wanted to find out though, thank you. At least I'm not being a noob with it.
We're imaging up a bunch of new laptops at the moment and we have them go into a holding OU so that they pick up policies etc, then we can move them out to wherever they need to be.
Something else to be aware of is that AD is joined only after imaging. To my knowledge you can't force a join via FOG without reimaging.
Edit: See post below.
The reimaging task is just about getting the image on the drive, the hostname changing and domain join are handled by the service. There isn't any interaction between the two. If you install the service on a PC that is out of the domain, and the FOG database has the Active Directory settings set for that host then it will attempt to join. You can watch the log file on the host as the service starts and check the behaviour, it's totally independent.
Good to know, thanks for the correction.