Passing AD credentials to add-computer

This topic contains 4 replies, has 3 voices, and was last updated by  Leonard Kong 3 years, 6 months ago.

  • Author
    Posts
  • #13516

    Leonard Kong
    Participant

    Hi Powershell guys,

    I have a script that I created to pass credentials onto add-computer which would automate joining that machine to the domain. It's been working since I created it but recently I had to change the password for some testing. The password length and complexity was the same (although I don't think it really would matter), but the script broke.
    Now whenever I run it, it tells me that my password is incorrect. If I take the passed credentials out and I just have it prompt me, the script works. That defeats the purpose though because it's supposed to be automated. Does anyone know why this could have happened? I've attached the script which contains the code and also the error message... Any help would be greatly appreciated!

     < # This function joins the VM to the domain #>
    function JoinDom {
    
    	Add-computer -domainname mydomain.domain -credential $Adcred -computername ipaddress -localcredential $cred -restart
    	"Rebooting VM after joining Domain..."
    
    }
    
    $creduser = "administrator"												
    $credpass = convertto-securestring -String "password" -AsPlainText -Force
    
    $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $creduser,$credpass
    
    $Aduser = "domain\lkong"
    $Adpass = convertto-securestring -string "mixedcharacterspassword" -AsPlainText -Force
    
    $Adcred = new-object -typename System.Management.Automation.PSCredential -argumentlist $Aduser,$Adpass 

    ERROR MESSAGE:

    Add-computer : Computer 'xxx.xxx.xxx.xxx' failed to join domain 'mydomain.domain' from its current workgroup 'WORKGROUP'
    with following error message: The user name or password is incorrect.
    At C:\vmscripts\ADrename.ps1:13 char:2
    +     Add-computer -domainname mydomain.domain -credential $Adcred -computername $ip -lo ...
    +    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OperationStopped: (128.149.3.171:String) [Add-Computer], InvalidOperationException
        + FullyQualifiedErrorId : FailToJoinDomainFromWorkgroup,Microsoft.PowerShell.Commands.AddComputerCommand 

    Thanks in advance!
    Leonard

  • #13517

    Richard Siddaway
    Moderator

    Obvious question – is the password in your script definitely the same as the one you set on the account?

    Have you looked in the credential object to view the password its storing?

    is there anywhere else the old credential might have been created/stored that's stopping the new one form being used?

  • #13520

    Leonard Kong
    Participant

    Hi Richard,

    Thanks to your prudent questions, I figured out what the problem was. The password i input in the script is the same one as the one on the account but when I checked the credential object using getnetworkcredential, I found that the conversion within the script doesn't accept certain characters. My password contained the "$" character which wasn't passed into the securestring. Once I changed my password and removed "$" it worked.

    Thank you!
    Leonard

  • #13524

    Don Jones
    Keymaster

    So, that problem is because you're using double quotes around your password. In double quotes, $ is a token to Powershell for variable replacement. As a practice, use single quotes for strings unless you explicitly need that feature of double quotes.

  • #13527

    Leonard Kong
    Participant

    Ahh I see... that's good to know. I'm going to change those double quotes to singles so this won't happen again. Thank you!

You must be logged in to reply to this topic.