One great thing about Windows Azure PowerShell is the ability to join a VM to an Active Directory domain during provisioning, this ability is not available in the portal. Joining a domain during Windows setup is nothing new, and it is accomplished by using the normal Windows unattended setup mechanism; namely unattend.xml. In unattend.xml you can specify the following information about the domain you want to join and the account that has permissions to perform the join operation in the directory (excerpt has been edited for readability):
Domain join during unattended setup is done with the djoin.exe executable, so to debug domin join we need to search for that in setupact.log. Also searching for the words Warning or Error could reveal useful information. This is an excerpt from the setupact.log with the error I encountered:
Running unattended automations on user accounts is typically done by developers debugging their automation projects, and business users running automations under their own identity, but on server-side resources instead of their local machines.
Users can debug and run processes from all folders they have access to. They can use unattended infrastructure for execution, provided that an administrator has allocated to that folder the physical resources to run unattended automation, that is they assigned to that folder a machine template object with at least one runtime. Typically, for debugging, a NonProduction runtime is used.
You can also use Studio for its remote debugging capabilities. It allows running and debugging attended and unattended processes on remote machines, including on Linux robots that can run cross-platform projects.
In attended mode, the UiPath Assistant shows the processes across all the folders the account is assigned to. These processes cannot be started or triggered in unattended mode from Orchestrator unless it's for debugging purposes. See Studio design and Orchestrator debugging.
To build workflows in Studio while debugging in Orchestrator you need both an attended and an unattended robot created for the developer. An admin can create an attended and an unattended robot following these steps:
Following that the AIB is not GA, we are required to register the preview service. Follow this guide from Microsoft to VirtualMachineTemplatePreview for the preview. -us/azure/virtual-machines/windows/image-builder-powershell#register-features . This step is not required when GA!
I am using the Apply Network Settings step to join the domain. I have it set to run before the Setup windows and ConfigMgr. I created a simple task sequence. Below are my steps. The machine still does not join the domain. Is my order incorrect?
If I look at c:\windows\panther\unattendedGC, I see the setupact.log. When I look in it, I can see where the domain and account for joining are present. When it tries to join the domain, the below error messages are present.
Note: This snippet creates extra users in the unattended stage.This may be very useful for debugging early stages of your deployment; since youcan find yourself locked out of the newly provisioned host. 2b1af7f3a8