ComputerManagementDsc icon indicating copy to clipboard operation
ComputerManagementDsc copied to clipboard
verified publisher icon dsccommunity

Computer: AD object should not be deleted when using PasswordPass and UnsecuredJoin options or JoinReadOnly option

Open webalexeu opened this issue 9 months ago • 0 comments

Problem description

When using PasswordPass and UnsecuredJoin options or JoinReadOnly option means AD computer object has been pre-created within Active Directory prior to domain join and should not be deleted

This combination of commands creates a new computer account with a predefined name and temporary join password in a domain using an existing domain-joined computer.

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/add-computer?view=powershell-5.1

Verbose logs

Current dsc resources is deleting AD computer object previously created so domain join is failing as it's expecting the computer object to exist already

DSC configuration

Computer DomainJoin
        {
            Name        = "server"
            Description = "Test Server"
            DomainName  = "contoso.com"
            Credential  = $Cred
            JoinOU      = "CN=Computers,DC=contoso,DC=com"
            Options     = @('PasswordPass','UnsecuredJoin ')
        }

Suggested solution

PR https://github.com/dsccommunity/ComputerManagementDsc/pull/447

Operating system the target node is running

NA

PowerShell version and build the target node is running

NA

ComputerManagementDsc version

v9.2.0

webalexeu avatar May 16 '25 15:05 webalexeu