Share via

Check if computer exists in AD in WinPE Task Sequence ?

Pierre-Luc Ratelle 1 Reputation point
2021-11-17T16:57:06.6+00:00

We have 2 domains and recently updated our DCs to 2016. Before, a computer could exist in domain1 and be reimaged in domain2 with no problem.

Now, we can't. So some techs don't check if the computer exists in the other domain and the task sequence fails.

I would like to add a verification step in my TS to check if the computer exists in the other domain. So far, I got this working in my WIndows session but it doesn't work in WinPE since I guess the account running might not have the proper rights to query AD ?

$domain = "domain1.csrdn.lan"
$computerName = "xxxxx"



if ($domain -eq "domain1.csrdn.lan") {$domainINVERSE_FQDN = "DC=domain2,DC=csrdn,DC=lan" ; $domaineInverse = "domain2.csrdn.lan"}
if ($domain -eq "domain2.csrdn.lan") {$domainINVERSE_FQDN = "DC=domain1,DC=csrdn,DC=lan" ; $domaineInverse = "domain1.csrdn.lan"}


    $objDomain = [ADSI]("LDAP://$domainINVERSE_FQDN")

    $computerFilter = "(&(objectClass=Computer)(name=$computerName))" 
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain 
    $objSearcher.PageSize = 1000

    $objSearcher.Filter = $computerFilter
    $ComputerDn = $objSearcher.FindOne()



    if ($ComputerDn) { .... }

I was wondering if you had a working way to check if the computer exists in another domain before being imaged ?

Microsoft Security Intune Configuration Manager Deployment
0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jason Sandys 31,406 Reputation points Microsoft Employee Moderator
    2021-11-19T18:37:54.61+00:00

    but in the end, it was not since it already exists in the other domain

    This is not a correct conclusion. Since this is a new OS instance, it's not part of any domain at all. There's something else going on here.

    Also, the Apply Network Settings task does not perform the device join. That task simply configured the in-use unattend.xml file which in turn is used during Windows Setup (which happens during the Setup and ConfigMgr task) to perform the join. Thus, the success of this task in no way indicates that the join succeeded. To troubleshoot this, you need to review the Windows setup log files including netsetup.log and setupact.log on the device.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.