banner

[Identification]

Answer File = Unattend.txt and Sysprep.inf

The [Identification] section contains entries for specifiying the network identification of a computer. If these entries are not present, Setup adds the computer to the default workgroup. If there is not enough information for this entry, Setup prompts the end user to provide this information.

Entry Description
DomainAdmin Specifies the name of the user account in the domain that has permission to create a computer account in that domain
DomainAdminPassword Specifies the password of the user account as defined by the DomainAdmin entry.
JoinDomain Specifies the name of the domain in which the computer participates.
JoinWorkgroup Specifies the name of the workgroup in which the computer participates.
MachineObjectOU Specifies the full Lightweight Directory Access Protocol (LDAP) path name of the organizational unit (OU) in which the computer belongs.

Sample

This sample demonstrates one use of the [Identification] section of Unattend.txt.

[Identification]
DomainAdmin = PatC
DomainAdminPassword = "abcdef123"
JoinDomain = MYDOMAIN
JoinWorkgroup = MYUSERGROUP
MachineObjectOU = "OU = myou,OU = myparentou,DC = mydom,DC = mycompany,DC = com"

DomainAdmin

Specifies the name of the user account in the domain that has permission to create a computer account in that domain.

Syntax DomainAdmin = account_name
Value account_name
Dependencies This entry is required if you set a value for JoinDomain, even though the computer account might already exist on the domain.
Example 
DomainAdmin = PatC
Comments For deployment, use an account with limited privileges that can only create computer accounts and join them to the domain. Alternatively, use the Visual Basic Script described in JoinDomain.

icon Return to top

DomainAdminPassword

Specifies the password of the user account as defined by the DomainAdmin entry.

Syntax DomainAdminPassword = "password_of_user_account"
Value password_of_user_account
Dependencies This entry is required if you set a value for JoinDomain, even though the computer account might already exist on the domain.
Example 
DomainAdminPassword = "abcdef123"
Comments

Important

  • The password is deleted from the $winnt$.inf file, which is a copy of the original Unattend.txt file left on the computer after Setup completes. However, using JoinDomain, DomainAdmin, and DomainAdminPassword to join the computer to the domain is still a potential security issue because the password is in plain text. If anyone has access to the original Unattend.txt or Sysprep.inf file, they can use that password to access your network.

    Instead, the recommended best practice is to use Active Directory Services Interface (ADSI) and Windows Script Host (WSH) to create a Visual Basic Script (VBScript) that automates the creation of computer accounts. A sample script is given in the Microsoft Knowledge Base, article Q315273 (http://support.microsoft.com/default.aspx?scid=kb;en-us;q315273).

icon Return to top

JoinDomain

Specifies the name of the domain in which the computer participates.

Syntax JoinDomain = domain_name
Value domain_name
Example 
JoinDomain = MYDOMAIN
Comments You can specify either this entry or the JoinWorkgroup entry, but you cannot specify both.

Important

  • Use an account with limited privileges that can only create computer accounts and join them to the domain.
  • Otherwise, instead of using JoinDomain, the recommended best practice is to use Active Directory Services Interface (ADSI) and Windows Script Host (WSH) to create a Visual Basic Script (VBScript) that automates the creation of computer accounts. A sample script is given in the Microsoft Knowledge Base, article Q315273 (http://support.microsoft.com/default.aspx?scid=kb;en-us;q315273).

icon Return to top

JoinWorkgroup

Specifies the name of the workgroup in which the computer participates.

Syntax JoinWorkgroup = workgroup_name
Value workgroup_name
Example 
JoinWorkgroup = MYUSERGROUP
Comments You can specify either this entry or the JoinDomain entry, but you cannot specify both.

icon Return to top

MachineObjectOU

Specifies the full Lightweight Directory Access Protocol (LDAP) path name of the organizational unit (OU) in which the computer belongs.

Syntax MachineObjectOU = DNS_name, LDAP_path
Values DNS_name, LDAP_path
Example 
MachineObjectOU = "OU = myou,OU = myparentou,DC = mydom,DC = mycompany,DC = com"

icon Return to top