Connect to the organization IDP or AD in WinPE (from MDT) and then continue installation.

lupinlicious 131 Reputation points
2022-01-23T08:59:14.997+00:00

Hello,

I'm wondering if it's possible to connect to the organization's AD from WinPE, or perhaps with an IdP (identity provider)?
When the user authenticates, the installation will continue; this is to avoid local accounts in the organization.

I have the following code for creating a local account and password. Is it possible to modify it?

167485-image.png

Sorry for the image, but I'm having difficulties adding the code in plain text; I get access denied when I try to post the code.


3 answers

  1. lupinlicious 131 Reputation points
    2022-01-23T09:00:43.587+00:00

    Added the code in plaintext in a text file

    167552-the-code.txt


  2. AllenLiu-MSFT 40,076 Reputation points Microsoft Vendor
    2022-01-24T08:28:42.473+00:00

    Hi, @lupinlicious

    Thank you for posting in Microsoft Q&A forum.

    You may try to add the PowerShell Active Directory to WinPE to see if it helps:

    Here are the details:
    https://www.brookspeppin.com/2021/07/10/how-to-add-powershell-active-directory-module-to-winpe-mdt/
    (Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)




  3. Limitless Technology 39,336 Reputation points
    2022-01-28T08:50:38.323+00:00

    Hi there,

    You can use WMI on a DC with different credentials.

    # WQL string literals must be quoted, so the computer name is wrapped in single quotes
    (Get-WmiObject -Namespace 'root\directory\ldap' -Query "Select DS_info from DS_computer where DS_cn = '$($AccountName)'" -ComputerName $Domain -Credential $myADCred).$($Myattribute)

    $AccountName : is the name of the computer that you are searching for in AD
    $Domain : FQDN that points to your DC, e.g. xyz.yourdomain.com
    $MyADCred : is a credential object containing a user and password with the necessary rights on AD
    $Myattribute : is the info that you are searching for from the computer in AD


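
An added example, not part of any answer above and not MDT's or Microsoft's code: one way to make the deployment wait for a domain logon in WinPE is to attempt an LDAP bind with the entered credentials and continue only if the DC accepts it. It assumes the boot image includes the WinPE-NetFx and WinPE-PowerShell components and that System.DirectoryServices.Protocols loads there; `Test-AdCredential` and `dc01.corp.example` are hypothetical names.

```powershell
# Added example, not code from the thread. Assumes WinPE was built with the
# WinPE-NetFx and WinPE-PowerShell components and can resolve and reach a DC.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-AdCredential {
    param(
        [Parameter(Mandatory)][string]$Server,          # FQDN of a domain controller
        [Parameter(Mandatory)][pscredential]$Credential
    )
    # Reject empty passwords up front (an LDAP simple bind with one counts as unauthenticated).
    if ($Credential.Password.Length -eq 0) { return $false }

    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, 389)
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
    try {
        $conn.SessionOptions.ProtocolVersion = 3
        # Negotiate (Kerberos/NTLM) never puts the password on the wire;
        # signing and sealing protect the session without needing a trusted CA in WinPE.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
        $conn.SessionOptions.Signing = $true
        $conn.SessionOptions.Sealing = $true
        $conn.Credential = $Credential.GetNetworkCredential()
        $conn.Bind()                                    # throws if the DC rejects the bind
        return $true
    }
    catch {
        # LDAP result code 49 = invalidCredentials; anything else (DNS, network,
        # policy) is rethrown so an outage is not mistaken for a bad password.
        $ldap = $_.Exception.GetBaseException() -as [System.DirectoryServices.Protocols.LdapException]
        if ($ldap -and $ldap.ErrorCode -eq 49) { return $false }
        throw
    }
    finally { $conn.Dispose() }
}

$dc = 'dc01.corp.example'                               # placeholder DC name
for ($attempt = 1; $attempt -le 3; $attempt++) {
    $user = Read-Host 'Domain user (DOMAIN\user)'
    $pass = Read-Host 'Password' -AsSecureString
    $cred = New-Object System.Management.Automation.PSCredential($user, $pass)
    if (Test-AdCredential -Server $dc -Credential $cred) {
        Write-Host "Authenticated as $user, continuing."
        exit 0
    }
    Write-Warning "Bind rejected (attempt $attempt of 3)."
}
exit 1   # non-zero exit code lets the calling step stop the deployment
```

A successful bind only proves the password is valid; restricting who may deploy (for example by group membership) would need an additional directory query over the same connection.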