Powershell – Remotely renaming a domained Win 7 computer

I'm having a hard time figuring out how to rename a Windows 7 computer remotely. This is for automating Win 7 builds in a vSphere 5 environment, and I'm trying to get it as hands-off as I can. So far I've managed to get everything but the machine rename automated (or automatable).

WinRM is working, so remote powershell methods do work.

invoke-command -computername "W7-Img3-RPT49VA" -scriptblock {commands go here; have another one}

The above does work. I can do things like get directory listings and run commands. However, getting the domain changed hasn't worked. Per this SF question, I tried the following in the scriptblock:

$comp=get-wmiobject -class computersystem ; $comp.rename("W7-clone-42")

That returns ReturnValue : 5 which after much searching translates to "Access Denied". The other suggestion on that page:

wmic computersystem rename "W7-Clone-42"

Returns the unhelpful "Invalid Verb Switch". Another internet source suggests the following formulation:

wmic computersystem where Name="W7-Img3-RPT49VA" call rename name="W7-clone-42"

Which gives alternately Invalid Verb Switch, or invalid parameter. As a test, I ran the above command directly on my management station rather than via invoke-command and also got access-denied.

Going old-school, I copied netdom to the target machine.

netdom renamecomputer W7-Img3-RPT49VA /newname:W7-clone-42

Which gives me 'access denied'.

Throughout this all, the credentials I've been testing with have Domain Admin. The intent is to crank the exact priv down once I've identified the workable methods. The Security event-log on the target machine definitely shows the successful logins throughout all of this.

The alternate method, handle the rename through the vSphere System Customization process, is still available. I even have an answer file for it, but I don't know how to prepare the template-machine to allow it to be used. Either way will get me what I need.

What am I missing? The wmic syntax is clearly wrong, but the other two methods return 'access denied' so I have low hopes of it working once the correct syntax is worked out. Is this a UAC interaction problem?

Best Answer

I've always used the netdom renamecomputer method to do exactly what you are trying to do. On Windows Vista and 7, I encounter the same "access denied" error you do. You can work around this, though, by using the UserD and PasswordD switches:

netdom renamecomputer W7Img3-RPT49VA /newname:W7-clone-42 /UserD:DOMAIN\username /PasswordD:*

This will prompt you for your password, and then it will work without the "access denied" error. I imagine it has to do with the elevated token, but I am not sure.

Best Answer

Related Solutions

Powershell – SQL Server Agent Access Denied on remote Powershell registry command

Powershell – Issues with patching servers remotely using winrm and Microsoft.Update.Session

Related Topic