Connect to the organization IDP or AD in WinPE (from MDT) and then continue installation.

lupinlicious 121 Reputation points


I'm wondering if it's possible to connect to the organization's AD from WinPE, or perhaps with an IDP (identity provider)?
When the user authenticates then the installation will continue, this is to avoid local accounts in the organization.

I have the following code for creation of local account and password, is it possible to modify it?


Sorry for the image, but I'm having difficulties adding the code in plain text; I get access denied when I try to post the code.


3 answers

  1. lupinlicious 121 Reputation points

    Added the code in plaintext in a text file


  2. AllenLiu-MSFT 24,131 Reputation points Microsoft Vendor

    Hi, @lupinlicious

    Thank you for posting in Microsoft Q&A forum.

    You may try to add the PowerShell Active Directory to WinPE to see if it helps:

    Here are the details:
    (Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  3. Limitless Technology 37,526 Reputation points

    Hi there,

    You can use WMI on a DC with different credentials.

    (Get-WmiObject -Namespace 'root\directory\ldap' -Query "Select DS_info from DS_computer where DS_cn = '$AccountName'" -ComputerName $Domain -Credential $myADCred).$($Myattribute)

    $AccountName : is the name of the computer that you are searching in AD
    $Domain : fqdn name that points to your DC ex:(
    $MyADCred : is a credential object containing user and password with the necessary rights on AD
    $myattribute : is the info that you are searching from the computer in AD.

    --If the reply is helpful, please Upvote and Accept it as an answer--
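
The WMI query from the last answer, wrapped as a gate that stops the deployment unless the operator's AD credentials are accepted (an added example, not code posted by anyone in this thread). Assumptions: the boot image includes the WinPE-WMI, WinPE-NetFx and WinPE-PowerShell optional components, the account has the rights on the DC that the answer mentions, and the function name, `dc01.corp.example` and `PC-0001` are hypothetical placeholders.

```powershell
# Added example: prompt for AD credentials in WinPE and only continue if an
# authenticated WMI query against the DC succeeds. Names are hypothetical.
function Test-DeploymentOperator {
    param(
        [Parameter(Mandatory)][string]$DomainController,  # FQDN of a DC
        [Parameter(Mandatory)][string]$ComputerName,      # computer object to look up
        [int]$MaxAttempts = 3                             # bounded retries
    )
    # WQL uses backslash escapes; neutralise \ and ' so the name cannot alter the query
    $safe = $ComputerName.Replace('\', '\\').Replace("'", "\'")
    for ($i = 1; $i -le $MaxAttempts; $i++) {
        $user = Read-Host 'AD user (DOMAIN\user)'
        $pass = Read-Host 'Password' -AsSecureString      # never held as plain text
        $cred = New-Object System.Management.Automation.PSCredential($user, $pass)
        try {
            $obj = Get-WmiObject -Namespace 'root\directory\ldap' `
                -Query "SELECT DS_cn FROM DS_computer WHERE DS_cn = '$safe'" `
                -ComputerName $DomainController -Credential $cred `
                -Authentication PacketPrivacy -ErrorAction Stop
            if ($obj) { return $true }
            Write-Warning "Authenticated, but '$ComputerName' was not found in AD."
            return $false
        }
        catch [System.UnauthorizedAccessException] {
            # Wrong password, unknown user, or an account without rights on the DC
            Write-Warning "Attempt $i of ${MaxAttempts}: credentials rejected."
        }
        catch {
            # Network, DNS or RPC failure: retrying credentials will not help
            Write-Warning "Query failed: $($_.Exception.Message)"
            return $false
        }
        finally { $pass.Dispose() }                       # release the SecureString
    }
    return $false
}

# Constructed sample values; replace with your DC and the target computer name.
if (-not (Test-DeploymentOperator -DomainController 'dc01.corp.example' -ComputerName 'PC-0001')) {
    exit 1   # non-zero exit code fails the step, assuming it is not set to continue on error
}
```

Because the query only succeeds for accounts allowed to use WMI on the DC, this gates deployment on technician or service accounts rather than on arbitrary end users.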