Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ' JoinScript.vbs
- '
- ' Script to join a computer to a domain.
- '
- '
- '
- sub Usage
- wscript.echo " |------------------------------------------------|"
- wscript.echo " | Joins a computer to a domain or workgroup |"
- wscript.echo " |------------------------------------------------|"
- wscript.echo ""
- wscript.echo "Usage: "
- wscript.echo " cscript JoinScript.vbs [/domain <domainname> | /workgroup <workgroupname>]"
- wscript.echo " [/unjoin] [user <username>] [/password <password>]"
- wscript.echo " [/machinepassword <password>] [/readonly] [/createaccount]"
- wscript.echo " [/unsecure]"
- wscript.echo ""
- wscript.echo "domain Specifies the name of a domain to join"
- wscript.echo " This option requires user, password"
- wscript.echo ""
- wscript.echo "workgroup Specifies the name of a workgroup to join"
- wscript.echo ""
- wscript.echo "unjoin Unjoin from a domain if currently joined."
- wscript.echo ""
- wscript.echo "disable Disable the account when unjoining the domain."
- wscript.echo " This option requires unjoin, user, and password."
- wscript.echo ""
- wscript.echo "createaccount Specifies to create the computer account in AD"
- wscript.echo ""
- wscript.echo "machinepassword Specifies a password which is used to"
- wscript.echo " authenticate as the machine account to the DC"
- wscript.echo ""
- wscript.echo "readonly Specifies the domain join will be read only"
- wscript.echo " and will not require a writable DC. This option"
- wscript.echo " requires machinepassword and that an Administrator"
- wscript.echo " has pre-created the computer account and set a"
- wscript.echo " password matching the machinepassword parameter."
- wscript.echo ""
- wscript.echo "DC Specifies a DC to use during domain join."
- wscript.echo " If readonly is specified this is mandatory, otherwise optional."
- wscript.echo ""
- wscript.echo "OU Specifies an OU where the machine account is created, this is optional."
- wscript.echo ""
- wscript.echo ""
- wscript.echo "Unsecure Specifies a an unsecure domain join."
- wscript.echo ""
- wscript.echo " |------------------------------------------------|"
- wscript.echo " |Examples: Run 'cscript JoinScript.vbs <args>' |"
- wscript.echo " | <args>: Choose a scenario below |"
- wscript.echo " | * Note lines have been wrapped for readability |"
- wscript.echo " |------------------------------------------------|"
- wscript.echo ""
- wscript.echo " Join domain: /domain <domainname> /user <username>"
- wscript.echo " /password <password> /createaccount"
- wscript.echo ""
- wscript.echo " Join domain with existing account: /domain <domainname>"
- wscript.echo " /user <username>"
- wscript.echo " /password <password>"
- wscript.echo ""
- wscript.echo " Unjoin from a domain: /unjoin /user <username> /password <password>"
- wscript.echo " "
- wscript.echo ""
- wscript.echo " Read Only join domain: /domain <domainname> /machinepassword <password>"
- wscript.echo " /dc <rodcname> /readonly"
- wscript.echo ""
- wscript.echo " Join workgroup: /workgroup <workgroupname>"
- wscript.echo ""
- wscript.echo ""
- wscript.quit -1
- end sub
- '
- ' Get the command line arguments
- '
- Set Args = Wscript.Arguments
- 'Set ArgCount = Args.Count
- ' Validation and Usage
- if Args.Count = 0 then
- wscript.echo "Help Requested"
- wscript.echo ""
- Usage
- end if
- if Args.Count > 0 then
- if Args(0) = "/?" or Args(0) = "-?" or Args(0) = "help" then
- wscript.echo "Help Requested"
- wscript.echo ""
- Usage
- end if
- if Args.Count < 1 then
- wscript.echo "Help Requested"
- wscript.echo ""
- Usage
- end if
- end if
- ' NetJoinDomain flags
- Const NETSETUP_JOIN_DOMAIN = 1
- Const NETSETUP_ACCT_CREATE = 2
- Const NETSETUP_ACCT_DELETE = 4
- Const NETSETUP_WIN9X_UPGRADE = 16
- Const NETSETUP_DOMAIN_JOIN_IF_JOINED = 32
- Const NETSETUP_JOIN_UNSECURE = 64
- Const NETSETUP_MACHINE_PWD_PASSED = 128
- Const NETSETUP_DEFER_SPN_SET = 256
- Const NETSETUP_JOIN_READONLY = 2048
- Const NETSETUP_INSTALL_INVOCATION = 262144
- ' Local state to track limited parameter validation
- Options = 0
- ReadOnly = 0
- Unsecure = 0
- JoinWorkgroup = 0
- UnjoinDomain = 0
- MachinePassword = 0
- ' Inputs for the join call
- strDC = ""
- strOU = ""
- strDomainName = ""
- strDomainNameAndDC = ""
- strPassword = ""
- strUserName = ""
- ' Collect parameters
- ArgNum = 0
- do while ArgNum < Args.Count
- if Args(ArgNum) = "/domain" or Args(ArgNum) = "/Domain" then
- strDomainName = Args(ArgNum+1)
- Options = Options + NETSETUP_JOIN_DOMAIN
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/user" or Args(ArgNum) = "/User" then
- strUserName = Args(ArgNum+1)
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/password" or Args(ArgNum) = "/Password" then
- strPassword = Args(ArgNum+1)
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/machinepassword" or Args(ArgNum) = "/MachinePassword" then
- strPassword = Args(ArgNum+1)
- MachinePassword = 1
- Options = Options + NETSETUP_MACHINE_PWD_PASSED
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/readonly" or Args(ArgNum) = "/ReadOnly" then
- Options = Options + NETSETUP_JOIN_READONLY
- ReadOnly = 1
- end if
- if Args(ArgNum) = "/unsecure" or Args(ArgNum) = "/Unsecure" then
- Options = Options + NETSETUP_JOIN_UNSECURE
- Unsecure = 1
- end if
- if Args(ArgNum) = "/workgroup" or Args(ArgNum) = "/WorkGroup" then
- JoinWorkgroup = 1
- strDomainName = Args(ArgNum+1)
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/dc" or Args(ArgNum) = "/DC" then
- strDC = Args(ArgNum+1)
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/ou" or Args(ArgNum) = "/OU" then
- strOU = Args(ArgNum+1)
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/unjoin" or Args(ArgNum) = "/Unjoin" then
- UnjoinDomain = 1
- ArgNum = ArgNum + 1
- end if
- if Args(ArgNum) = "/disable" or Args(ArgNum) = "/disable" then
- Disable = 1
- Options = Options + NETSETUP_ACCT_DELETE
- end if
- if Args(ArgNum) = "/createaccount" or Args(ArgNum) = "/CreateAccount" then
- Options = Options + NETSETUP_ACCT_CREATE
- end if
- ArgNum = ArgNum + 1
- loop
- ' Error reporting
- if ReadOnly = 1 then
- if MachinePassword = 0 then
- wscript.echo "ReadOnly requires MachinePassword"
- wscript.quit(-1)
- end if
- end if
- if Disable = 1 and UnjoinDomain = 0 then
- wscript.echo "Disable is only valid with the unjoin option"
- wscript.quit(-1)
- end if
- ' The username is optional and may need to be NULL when passed to the join API below
- if strUserName = "" then optionAux = NULL else optionAux = strUserName
- ' The OU is optional and may need to be NULL when passed to the join API below
- if strOU = "" then optionOU = NULL else optionOU = strOU
- ' Handle the case where this is a domain join and a DC was specified
- if strDC = "" then strDomainNameAndDC = strDomainName else strDomainNameAndDC = strDomainName & "\" & strDC
- wscript.echo strDomainNameAndDC
- Set objNetwork = CreateObject("WScript.Network")
- strComputer = objNetwork.ComputerName
- Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & strComputer & "'")
- 'ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomainName, strPassword, strDomainName & "\" & strUserName, NULL, NETSETUP_JOIN_DOMAIN + NETSETUP_JOIN_READONLY + NETSETUP_MACHINE_PWD_PASSED)
- ' Perform the join/unjoin operation
- if UnjoinDomain = 1 then
- ReturnValue = objComputer.UnjoinDomainOrWorkGroup(strPassword, optionAux, Options)
- else
- ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomainNameAndDC, strPassword, optionAux, optionOU, Options)
- end if
- ' Report success messages
- if ReturnValue = 0 then
- if JoinWorkgroup = 1 then
- wscript.echo "Welcome to the workgroup: " & strDomainName
- wscript.quit(0)
- end if
- if UnjoinDomain = 1 then
- wscript.echo "The machine was unjoined from the domain."
- wscript.quit(0)
- end if
- if JoinWorkgroup = 0 then
- wscript.echo "Welcome to the domain: " & strDomainName
- wscript.quit(0)
- end if
- else
- wscript.echo "Error: " & ReturnValue
- end if
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement