Deploy a Domain Joined Nanoserver with DeployImage Module–Part 3

Yesterday we looked at configuring a static ip address on Nano Server through the use of SetupComplete.cmd but today we’ll add in the next piece, joining a Domain.

Again, we must keep in mind two things, the early age of Nano and the fact it’s still being developed.   So we’re missing some pieces.

There is first off no directly way through the Emergency console to add this to a Domain.  In fact there is no command that creates the account in Active Directory. 

Well that’s not EXACTLY true.    Nano Server supports an Offline Domain join.

To create an offline Domain join requires three steps

  • Create the offline Join file
  • Copy the file to the workstation/server
  • Execute an offline Join with the provided file

The other method involves injecting the text from the Domain Join file into an Unattend.xml, but I haven’t have any luck with the documented process on Technet.

In this scenario we would like to join a workstation to a Domain with the following settings.

Domain     : Contoso

Computer : Contoso-Nano1

Filename   : domainjoin.djoin

On a computer which has the RSAT tools for Active Directory we need to run the Djoin.exe Command to create the file needed.   We can run this manually for the stated configuration in the following manner.

Djoin.exe /Provision /Domain Contoso /Machine Contoso-Nano1 /Savefile domainjoin.djoin

We can also run this in PowerShell by providing objects to store the information.

Djoin.exe /Provision /Domain $Domain /Machine $Computername /Savefile $Filename

We then copy the file over to the destination file system in some manner.    Ideally we’ll put the file into maybe the same folder as the Setup\Scripts folder.

On the destination system we would run the follow command directly to join this system to a Domain.   The nice part is you do NOT need to be on the network to make this work once the file is the destination system.

After all, this is an offline Domain join.

Djoin.exe /RequestODJ /loadfile C:\Windows\setup\scripts\domainjoin.djoin /windowspath c:\windows /localos

Now to make this work we’ll be using the same process as yesterday with SetupComplete.cmd and a HereString only we’ll be appending it to the NetSh.exe content.


netsh interface ipv4 set address Name=”Ethernet” static $IPAddress $Subnet $Gateway
netsh dns set dnsservers name=”Ethernet” source=static address=$DNS
djoin /requestodj /loadfile $Filename /windowspath c:\windows /localos
shutdown -f -r -t 0

# Create the new one
Remove-Item -Path SetupComplete.cmd -Force -ErrorAction SilentlyContinue
New-Item -ItemType File -Name SetupComplete.cmd -Force | Out-Null
Add-content SetupComplete.cmd -Value $SetupCompleteCMD

Now with the Unattend.xml and the Setupcomplete.cmd in the appropriate locations if we were to inject the boot code the Nano Server will boot up, named as it should be, IP address assigned and joined to the appropriate Domain.

If you’d like a deeper look at the script performing this in action just access DeployImage from .

Once you install the Module (It has been tested under Windows 10 with the Windows 10 ADK installed) you can execute the following Cmdlet to get the sample scripts.


Just open up the script called DeployNanoServerVHDDomain.ps1 and have a field day.

If you have any comments or feedback please feel free to reach out at sean at powershell dot ca or submit comments, critique or pull requests on the Github source.


The EnergizedTech

Deploy a Domain Joined Nanoserver with DeployImage Module–Part 2

Yesterday we generated the content for Unattend.xml, today we’re going to work on something simple but necessary for many servers.   Assigning a Static IP address.

Now let’s remember, Nano Server is STILL in it’s early days, so we normally would have two options we can’t use at this time.

  • PowerShell Cmdlets for the Network Stack
  • Configuring the IP address using Unattend.xml

We CAN access Nano Server directly through the Text Console and configure an IP address Post install though which is a good option.   But in my case I’d prefer to have the settings injected and ready to go.

Presently you can still use NetSH.exe to configure the settings.

The default network adapter name in Nano Server is called “Ethernet” . In my scenario I would like to assign the following settings to a Nano Server

IPv4 Address :
Subnet            :
Gateway         :
DNS Server     :

We can assign these settings with two lines from NetSh.exe

netsh interface ipv4 set address Name=”Ethernet” static
netsh dns set dnsservers name=”Ethernet” source=static address=

But I’ll be you’re wondering how to get this configured after it boots up?   There is a Script called SetupComplete.cmd that you may not know of.  It’s special to the initial Windows startup that can exist at C:\Windows\Setup\Scripts.

Upon initial startup after processing Unattend.xml and before the login screen, the script will execute.   So we can build this script to autoconfigure our network with a little PowerShell and a HereString.


netsh interface ipv4 set address Name=”Ethernet” static $IPAddress $Subnet $Gateway
netsh dns set dnsservers name=”Ethernet” source=static address=$DNS

New-Item -ItemType File -Name SetupComplete.cmd -Force | Out-Null
Add-content SetupComplete.cmd -Value $SetupCompleteCMD

Our next phase is tomorrow when we perform the necessary tasks to join this machine to a Domain

Deploy a Domain Joined Nanoserver with DeployImage Module–Part 1

Over the last while I’ve put together a module called DeployImage with the goal to try and simplify some of the needs in deploying a WindowsIMage file.  

In particular my goal was to make NanoServer in it’s current state an easily deployable option for the average IT Pro.

So this weekend I did quite a bit of playing about with Nano and getting a fully deployed Nano server online. 

I won Smile

Deploying Nano Server is no different than and other WIM file.   The problem you must compensate for is it is headless environment.

This means you should plan to have certain tasks already done within the server without actually touching it.   Things like

  • Assigning a Static IP address
  • Naming the workstation
  • Joining it to a Domain

Now in truth I COULD do most of this through PowerShell remotely once I use WinRM and adding it to TrustedHosts.   But I prefer to have the system up and running and done in a more fully automated fashion.

Within the DeployImage module I added a cmdlet to obfuscate the creation of the XML file you need.   To create an unattend.xml file you can use the following Cmdlet

New-UnattendXMLContent -Computername Contoso-Nano1 -Timezone ‘Eastern Standard Time’ -Owner ‘Contoso’ -Organization ‘Contoso’ -AdminPassword ‘P@ssw0rd’

This will generate the XML content for a Computer with the following specs

Name             : Contoso-Nano1
TimeZone      : Eastern Standard Time
Owner            : Contoso
Organization : Contoso
Password       : P@ssw0rd

(The Password referred to is the Default Administrator account)


# Create the Unattend.xml file
$XMLContent=New-UnattendXMLContent -Computername Contoso-Nano1 -Timezone ‘Eastern Standard Time’ -Owner ‘Contoso’ -Organization ‘Contoso’ -AdminPassword ‘P@ssw0rd’
New-Item -ItemType File -Name Unattend.xml -Force | Out-Null
Add-content Unattend.xml -Value $XMLContent

At this point you’ll need to copy the Unattend.xml file into the Destination file structure under C:\Windows\system32\sysprep

Pop in tomorrow and we’ll look at configuring the IP address and Joining it to a Domain.

The Energized Tech