Tranquil IT Forum

Wapt version: 2.6.0.16937 - Enterprise Edition
Server OS: Debian 12
Target operating systems: Windows 10 and 11
Os Machine administration: Win server 2022

Hello, we are encountering a problem when we want to change the name of a workstation in AD.
Case 1: we leave the position in the domain and we change its name.
After rebooting, the name in AD and on the workstation did change, but:
- Unable to log in with an AD account: Trust relationship error message
- When you want to "identify the workstation on the network", the workstation appears with its old name
- In the register, many keys appear with the old name of the position

Case 2: We remove the computer from the domain and change its name.
After rebooting, when trying to rejoin the computer to the domain, the tab remains greyed out We use the OS deployment function with the win10_with_join_ad_offline.xml and win11_with_join_ad_offline.xml configuration files and the Win10_22h2 and Win11_24h2 ISOs

However, if we deploy the OS using a USB drive (i.e., outside of WAPT), we never encounter this problem, even when using the same ISO files. Therefore, the problem seems to be related to WAPT.

Hello

, I identified this problem a year ago:
https://learn.microsoft.com/en-us/answe ... ws10-xml-d

I reported the problem to Microsoft, but nothing has changed. I tried removing WAPT from the loop to check if it was a WAPT issue or a purely Microsoft problem, and it's a Microsoft issue...

(There's a registry key trick in the article) to bypass the problem...

Thanks for the feedback. I confess I'm a bit confused. You mentioned a Microsoft issue, but if I create a bootable image with Windows on it, I don't encounter any problems renaming it (even multiple times).
The problem only appears if I deploy the OS using WAPT. Is it the deployment method that's causing the issue? Because we're using an XML file?

Hi Cédric,

this is related to offline joining with djoin, which is used by default in WADS for security reasons in the XML template. Whether you use Microsoft's djoin.exe or WAPT's djoin, it poses the same problem as long as the binary join blob is integrated into unattend.xml [1]. Hence Simon's comment that it's a Microsoft issue.

If you change your unattended XML template and use online joining (no djoin) as people usually do with MDT, this problem won't occur. However, from a security standpoint, it's strongly recommended not to leave join accounts in the XML files, so you're supposed to perform the join manually, meaning no fully automated deployment.

Note: offline join is also possible with MDT, but it's not well integrated, so people don't do it.

Note 2: We're considering doing the offline connection via post-installation instead of the XML file to avoid the Microsoft bug; we'll keep you updated.

Note 3: If you can open tickets with Microsoft, feel free to do so. However, given Microsoft's strategy is to put everyone in Azure, I don't know if it will be very effective.

Regards,

Denis

[1] https://learn.microsoft.com/en-us/windo ... ml-example

Thank you for the answer, I understand better now.