While VMware vCloud Director 1.5.1 has a lot of flexibility, one thing it seems missing is getting VMs to join a specific OU in Active Directory Domain. Making your vApps VMs join a particular domain is quite easy using the vCloud Director web interface. All you have to do is to configure your domain information in your vCD, then configure the join domain parameters as showing in the below screenshot.
While configuring vCD to a level where it get vAPP VMs to join a specific Active Directory Domain is a straight forward task, getting those vAPP VMs to join in a specific OU require a bit more work and can be challenging for a first time vCD user. Actually vCD 1.5.1 does not have that capability out of the box by just using the web interface, but you will have to integrate it with vCO or create your own domain joining script.
Note: This has changed in vCD 5.1 & now you can do it directly from the GUI though if you still using vCD 1.5.x then please utilize the instruction below.
While many admins will panic when they hear that they have to create their script, in this scenario its easy enough that every one should be able to complete the task in less than 10 minutes. Further, as this has been frequently requested by my client I will show you in a step by step how to do it with a single line batch file. Further, I will show you how to conceal your password from being in clear text when running those batch files.
For those of you who would like a more sophisticated way of doing it, then you might want to look at how to achieve this using vCO. If you would like to learn more about how to achieve this using vCO, then you should look at Christophe Decanini post which can be found at: vCloud Director Custom Deploy vApp Workflow. For those who like to do it the simplest way possible then please continue reading.
The good news that vCD let you run a script as part of your customization process. You can easily create a script that can join VMs created by vCloud Director to the domain to a specific OU. You will need to upload your batch file or paste your code at the guest customization screen shown below:
For those of you who hate writing scripts and started scratching their head, below is a single line script that will join the VM to a specific OU in your Active Directory Domain.
netdom.exe join %COMPUTERNAME% /Domain:VirtualizationTeam.com /OU:OU=VCD,DC=VirtualizationTeam,DC=com /Userd:MYADUSERNAME /PasswordD:MYADUSERPASSWORD /Reboot
Quick Explanation of the above script: The above script will join the computer its running on to the Domain VirtualizationTeam.com to an OU called VCD. I believe the command is self explanatory and can be easily modified to your environment.
While the above do the trick, I doubt having your password in plain text is a great idea specially in a place where your vCloud End Users might be able to see it. While I am sure many of you can write a nice fancy Power Shell script that can conceal the passwords, I thought what is the simplest way of achieving so with the least amount of coding. After a bit of research I have found out that there is plenty of utilities out there that can convert your .bat file into .exe file and encrypt its content at the same time with few clicks. One example of these tools is “advanced BAT to EXE Converter” which can be downloaded for free at: http://www.battoexeconverter.com/
After converting your BAT file to an encrypted EXE file, all you have to do is to copy the file to a specific folder on your VM that you will use to create your vAPP template. Lets assume your exe file end up being named joindomain.exe & you put it in C:\VCD then all you have to do in your Guest Customization screen is use the following line for the customization script:
The below image demonstrate the configuration of your guest customization screen:
Alright I hope this help some of you automate more tasks within your vCloud Director without too much efforts doing it! Please leave me your feedback in the comment and if you have a better script doing the same thing in PowerShell, please share it with us & I will post it.