What if the machine gets failed during the task sequence execution and not joined
the domain too? ☹ How to login machine for further
troubleshooting?? Is there any mechanism to create a local admin account??? (there
are so many organizations not enabling the built-in administrator for security
purposes)?
Yes, we can create the custom local administrator account and add them to the local administrators’ group. Also, we can set the password expiry - wmic useraccount where name='localadmin' set passwordexpires=false and password to the account - net user /add localadmin P@$$W)rd (you can choose a local admin username and password as per your requirement).
This script is more important because there is one default function also
available in TS to use the built-in administrator or rename and use it. Then
why we are putting extra effort and using this script?
The advantage is we are not creating the local administrator account if everything goes well, instead of, if domain join is failed then only, we are going to create custom local account to enable to local login functionality and help technician to gather the logs and take further action.
How does the Task Sequence know if the machine is joined the domain or not? There
are TciIp parameters that help us to know that the machine is joined domain or not!
While running the command line step into the task sequence, you must have to
specify the conditional execution in the step options area.
The below command will create the local user and add them to the administrator's
group.
net localgroup administrators localadmin /add
No comments:
Post a Comment
Leave your valuable words here for improve better.