Puppet – Join machine to the Windows AD Domain


install powershell module

puppet module installpuppetlabs-powershell
Under modules/module name/manifests folder create manifest file,password is encrypted with Hiera,after machine is joined to domain, it will be rebooted.
class domain_membership (
  $domain = 'ad.contoso.com',
  $username = 'administrator',
  $password = lookup('password'),
  $secure_password = false,
  $machine_ou      = 'OU=test,DC=ad,DC=contoso,DC=com',

$code = " 
$secStr=ConvertTo-SecureString '${password}' -AsPlainText -Force; 
if (-not $?) { 
write-error 'Error: Unable to convert password string to a secure string'; 
exit 10; 
$creds=New-Object System.Management.Automation.PSCredential( '${username}', $secStr ); 
if (-not $?) { 
write-error 'Error: Unable to create PSCredential object'; 
exit 20; 
Add-Computer -DomainName ${domain} -OUPath $_machine_ou -Restart -Force -Cred $creds; 
if (-not $?) { 
write-error 'Error: Unable to join domain'; 
exit 30; 
exit 0"

# Use the Josh Cooper PowerShell provider
exec { 'join_domain':

command => $code,
provider => powershell,
logoutput => true,
unless => "if ((Get-WMIObject Win32_ComputerSystem).Domain -ne '${domain}') { exit 1 }",


View original post

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s