最近公司在实施AD域方案,为减少工作量,研究了下自动加入域的脚本,还不错,基本上加入域的步骤都考虑进去去了,很方便.


 

set objShell=wscript.createObject("wscript.shell")  
wscript.echo "确定加入域,整个过程大概要1分钟左右。"

 

//连接到文件服务器上服务器,0表示CMD无前台黑窗提示,true表示只有前条正确执行后才执行下一条.

objShell.Run "cmd.exe /c net user %username% password",0,true

objShell.Run "cmd.exe /c label d: d",0,true

objShell.Run "cmd.exe /c echo d|convert d: /fs:ntfs /x",0,true

objShell.Run "cmd.exe /c reg add ""HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

Advanced\Folder\SimpleSharing"" /v ""DefaultValue"" /t reg_dword /d ""00000000"" /f>nul",0,true 
      objShell.Run "cmd.exe /c reg add ""HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

Advanced\Folder\SimpleSharing"" /v ""CheckedValue"" /t reg_dword /d ""00000000"" /f>nul",0,true 
      objShell.Run "cmd.exe /c reg add ""HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

Advanced\Folder\SimpleSharing"" /v ""UncheckedValue"" /t reg_dword /d ""00000000"" /f>nul",0,true

 

//修改本地连接主DNS为PDC服务器地址,如果PDNS和PDC做在同一服务器上的话.修改辅助DNS为10.10.10.11,

objShell.Run "cmd.exe /c netsh interface ip set dns ""本地连接"" static 10.10.10.10 primary",0,true 
objShell.Run "cmd.exe /c netsh interface ip add dns ""本地连接"" 10.10.10.11",0,true

 

//修改TCP NETBIOS服务状态为自动,并启动netbios服务,不然会提示加入域失败.

objShell.Run "cmd.exe /c sc config LmHosts start= AUTO",0,true

objShell.Run "cmd.exe /c net start lmhosts",0,true

 

 

//连接文件服务器,拷贝一个设置好的用户配置文件模板作为新建用户的配置. 新建D:\backup 目录 并修改注册表默认新建帐号的配置文件目录为D:\backup\

objShell.Run "cmd.exe /c net use \\10.10.10.100   password /user:netsun",0,true

objShell.Run "cmd.exe /c md d:\backup",0,true

objShell.Run "cmd.exe /c xcopy ""\\10.103.33.7\软件\Default User"" ""d:\backup\Default User\"" /E /H /k",0,true 
objShell.Run "cmd.exe /c reg add ""HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"" /v ""ProfilesDirectory"" /t reg_expand_sz /d ""d:\backup"" /f>nul",0,true

 

//使用winmgmts服务实现加入域的功能

//strDomain = "domain.local"   域名

//strPassword = "user"  
//strUser = "password"

 

Const JOIN_DOMAIN = 1 
Const ACCT_CREATE = 2 
Const ACCT_DELETE = 4 
Const WIN9X_UPGRADE = 16 
Const DOMAIN_JOIN_IF_JOINED = 32 
Const JOIN_UNSECURE = 64 
Const MACHINE_PASSWORD_PASSED = 128 
Const DEFERRED_SPN_SET = 256 
Const INSTALL_INVOCATION = 262144 
strDomain = "domain.local" 
strPassword = "user" 
strUser = "password" 
Set objNetwork = CreateObject("WScript.Network") 
strComputer = objNetwork.ComputerName 
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _ 
strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _ 
strComputer & "'") 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _ 
strPassword, strDomain & "\" & strUser, NULL, _ 
JOIN_DOMAIN + ACCT_CREATE)

 

//将 domain users 加入到本机的administrator组中,这个根据需要来做.

objShell.Run "cmd.exe /c net localgroup administrators ""domainname\domain users"" /add",0,true

 

//加入域成功之后自动重启电脑

wscript.echo "确定重启电脑,请关闭所有窗口,保存好数据!"

Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate,(Shutdown)}!\\" & "." & "\root\cimv2") 
Set colOperatingSystems = objWMIService.ExecQuery ("Select * from Win32_OperatingSystem") 
For Each objOperatingSystem in colOperatingSystems 
ObjOperatingSystem.Reboot() 
Next

 

以上vbs脚本文件可以使用 文件改造者来转换成EXE文件,发给客户端直接运行即可.

 

 

脚本主要的一些改动

1,修改本机用户密码,以免用户加域后从本机登录

2,改动D盘为NTFS格式,去掉系统文件夹选项的简单共享,方便做权限.

3,改动本地连接的DNS为DNS服务器地址,这里有点勉强,应为不是所有的机器网卡都是本地连接,不过一般只要不是双卡的都正确的.

4,开启机器的NetBios解析服务,不然会提示加域失败的.

5,从文件服务器上拷贝一个修改好的默认配置文档到机器的D:\backup,并修改注册表默认配置文件路径为D:\backup,这样做是为了以后装系统方便,不用导出用户在C盘上的资料,如桌面和搜藏夹等等.

6,将Domain users组加入到本机的administrators组中,这个因环境而定

7,加域成功后自动重启,

 

我把样本贴出来,具体的参数还是要根据实际情况改的.