You are here:   Research
  |  Login

Welcome to my blog, quickest way to find articles is usually to search for them.

Minimize
Search in All Title Contents
 
     

ADSI plugin for WinPE 5.0

Dec 05 2013

Back in 2005 I wrote my first ADSI for plugin WinPE (WinPE 2005 or v1.6), and per request I have since then updated it for every WinPE release... This is the release for WinPE 5.0 (part of ADK 8.1).

Note: I don't recommend using ADSI in WinPE. It's not supported by Microsoft, and this release is only intended to support existing solutions using it. Instead you really should use web services to interact with Active Directory from WinPE. Check out https://prettygoodfrontend.codeplex.com for ready-made web services for Active Directory, including source code.

Update 2014-04-08: You can also import this plugin as a driver to MDT (using Out-Of-Box Drivers), thanks bseifert55 for the tip. So it's automatically being added when updating the boot image.

WinPE 5.0 ADSI Plugin download

Detailed installation instructions can be found in the archive Readme.txt file.

Previous ADSI Plugin releases are found on the following links:

WinPE 4.0 ADSI Plugin
http://www.deploymentresearch.com/Research/tabid/62/EntryId/74/ADSI-plugin-for-WinPE-4-0.aspx

WinPE 3.0 ADSI Plugin
http://www.deployvista.com/Repository/tabid/71/EntryId/60/DMXModule/396/language/sv-SE/Default.aspx

WinPE 2.0 ADSI Plugin
http://www.deployvista.com/Repository/WindowsPE20/tabid/73/language/sv-SE/Default.aspx

WinPE 1.6 ADSI Plugin
http://www.myitforum.com/articles/2/view.asp?id=8810

Additional Info

image

 

Note: If your domain controllers are running Windows Server 2012 or Windows Server 2012 R2, the ADSI connection (which is using NTLM) may be restricted (default configuration). If NTLM is restricted, you get the following error when trying to run the built-in sample script (Connect_to_DC_Sample.vbs): Active Directory: The server is not operational

Workaround: You can relax (and audit) the settings for NTLM, by configuring a group policy that sets the following:

Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers = Audit All
Network security: Restrict NTLM: Audit NTLM authentication in this domain = Enable all
Network security: Restrict NTLM: Audit Incoming NTLM Traffic = Enable auditing for all accounts

image

In addition to allowing the traffic, you can then see the audit logs in the Event Viewer (Event Viewer (Local)\Applications And Services Logs\Microsoft\Windows\NTLM\Operational)

image

 

Happy Deployment,
/Johan









Deployment News


Happy deployment, and thanks for reading!


What our lawyers makes us say:

This information is provided "AS IS" with no warranties, confers no rights and is not supported by the authors or Deployment Artist.

Copyright © 2017 by Deployment Artist (the company behind deployment research). All rights reserved. No part of the information on this web site may be reproduced or posted in any form or by any means without the prior written permission of the publisher.

Shorthand: Don't pass off our work as yours, it's not nice.

Blog Archive

Minimize




Where you can meet us!

Live Stream Recordings
ConfigMgr 1806 and W10 OSD

5 Days - Mega Geek Week 
(multiple classes, ConfigMgr, OSD etc.)
- Johan Arwidmark, Mikael Nystrom...
Jun 10, 2019, Chicago, IL, US

4 Days - Windows 10 OSD Classes
- Johan Arwidmark
May 20, 2019, San Diego, CA, US
Jun 17, 2019, Culemborg, NL
Jul 8, 2019, Phoenix, AZ, US

5 days - ConfigMgr Classes
- Johan Arwidmark and Kent Agerlund
Apr 8, 2019, Chicago, IL, US
Apr 22, 2019, Houston, TX, US

Video-based trainings
https://online.truesec.com
https://deploymentartist.com/Training/Videos

MDT, Windows 10 and ConfigMgr Books
http://deploymentartist.com/Books

Contact Info
http://deploymentresearch.com/theteam