Powershell Remoting

How to PowerShell remoting using invoke-command.

Ok in my time for a customer I got a challenge presented.
Join computers to the domain without the native Active directory commands, only allowed to use the Quest Active Roles commands.
Well let me explain the scenario.

Scenario:

The computer OU is restricted for creation of computer accounts, so all the computer that needs to be joined to the domain should have a computer account pre-staged in the domain before they are allowed to join the domain.
The native Active Directory commands are disallowed and Quest Active Roles needs to be used.
The only native AD commands that are allowed are: Domain joining (Not creating accounts), Read Active Directory.
All the other actions need to be performed using Quest.ActiveRoles.
Join a computer called WIN001 that is member of a workgroup to the USEFULLAB.NL domain.

Goal:

Join the WIN001 into the domain from an automated script that is run from the WIN001 using PowerShell.

Script:

Create a script that can be run from the WIN001 using PowerShell.
Something like:

$dc=”ULAB-DC001.usefullab.nl”
$cred = get-credential –credential usefullab\administrator
$cmpname = $env:COMPUTERNAME
$ou = “ou=servers,dc=usefullab,dc=nl”

#Add the domaincontoller to the TrustedHosts for PowershellRemoting
set-item WSMAN:\LocalHost\Client\TrustedHosts –value ULAB-DC001 -force

#Create the computer account on the domain
invoke-command –computername $DC –credentials $cred –scriptblock {
param($cmpname,$ou) add-pssnapin Quest.ActiveRoles.ADManagement ;
new-qadcomputer –Name $cmpname –SamAccount $cmpname –parentcontainer $ou
} –args $cmpname,$ou

#Add the computer to the domain
Add-computer –DomainName “Usefullab.nl” –credentials $cred –restart -force

This then will create the computer account in the server OU in the Usefullab.nl domain.

 

I hope this helped.

<hr>

Before:

<

p>
After:

About The Author