(thecapt) 1

Really struggling with trying to do this attempted this using a following code without both firing back RPC errors, I have tried enabling WMI and RPC and Remote assistance on the firewall, group policy and registry without any luck, am I missing something simply here?

Add-Computer -ComputerName DESKTOP -DomainName test -NewName NEWNAME -Credential DOMAIN\Administrator -PassThru -Verbose -Restart -Force

$localCredential = Get-Credential -Message 'Enter Local Machine Creds'
$remoteCredential = Get-Credential -Message 'Enter Domain Joining Creds'

$cim = New-CimSession -ComputerName HOSTNAME -SessionOption (New-CimSessionOption -Protocol Dcom) -Credential $localCredential

Get-CimInstance -ClassName Win32_ComputerSystem -CimSession $cim |
    Invoke-CimMethod -MethodName JoinDomainOrWorkgroup -Arguments @{
        FJoinOptions = 3
        Name       = 'DOMAIN.local'
        UserName   = $remoteCredential.UserName
        Password   = $remoteCredential.GetNetworkCredential().Password
    }
3 Spice ups
2

Have you enabled WinRM on the remote machines?

https://www.infrasightlabs.com/how-to-enable-winrm-on-windows-servers-clients

3

Are the remote PCs are connecting to the main office using a VPN? The required ports shouldn’t be accessible over the internet without a VPN and many ISP block such traffic. Please post what the RPC errors say.

4

Double checked to make sure yes WinRM is enabled and running as per the insctructions but I am still getting RPC errors:

New-CimSession : The RPC server is unavailable.
At line:1 char:8
+ $cim = New-CimSession -ComputerName 192.168.1.100 -SessionOption (New ...
+        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [New-CimSession], CimException
    + FullyQualifiedErrorId : HRESULT 0x800706ba,Microsoft.Management.Infrastructure.CimCmdlets.NewCimSessionCommand
    + PSComputerName        : 192.168.1.100

and

VERBOSE: Performing the operation "Join in domain 'test'" on target "DESKTOP".
Add-Computer : Cannot establish the WMI connection to the computer 'DESKTOP' with the following error message:
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
At line:1 char:1
+ Add-Computer -ComputerName DESKTOP-DomainName test -NewName  ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (DESKTOPString) [Add-Computer], InvalidOperationException
    + FullyQualifiedErrorId : AddComputerException,Microsoft.PowerShell.Commands.AddComputerCommand

The remote PCs are on site, errors are as above

5

That’s most likely an issues on the remote PC.

  • Doublecheck you have the right machine name
  • Check if the machine is on and has network connection
  • Check firewall ( “Windows Management Instrumentation (WMI-In)” rule )
  • Check firewall (Windows Management Instrumentation (DCOM-In) rule
  • Check if WMI and it’s dependencies are running
    ( Remote Access Auto Connection Manager Remote Access Connection Manager Remote Procedure Call (RPC) Remote Procedure Call (RPC) Locator Remote Registry)
  • Check if DCOM is enabled ( Key: HKLM\Software\Microsoft\OLE, value: EnableDCOM [should be ‘Y’])
6

Completely face palmed myself - it helps if you enable the firewall rule once creating it.

Managed to get it working on our test lab just need to work out how to get it through the Avast firewall that is on all our client PCs and then this will save me going around forty computers individually.

7

Please let us know if you need any support – you can reach out directly here or via chat in your Avast Business console.

The Knowledge Base may be helpful too, something for you to bookmark if you ever need it!

@thecapt