A lot of people find it hard to auto join a Windows EC2 (2008 R2) to AD, without using the Amazon AD Connector. Sometimes on top of that you want to autologin and run some scripts. Imagine having to manually login to 100s of servers to run a program. It can easily be done if you follow these steps. You have created your VPC, VPN is up an running and you want to launch x number of Windows instances and autojoin your Domain. The next step is to install all updates, all required programs and do any housekeeping needed. I would also strongly suggest to create another admin user.

When finished locate win2008.xml and open it by using any editor. Delete everything and paste the code shown below. Replace some values, with your domain name, OU Path, username, password. Save it and move to next step.

[code]<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="generalize">
<component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
<DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices>
</component>
<component name="Microsoft-Windows-Security-SPP" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipRearm>1</SkipRearm>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Enabled>true</Enabled>
<LogonCount>9999</LogonCount>
<Username>Domain\Username</Username>
<Password>
<Value>Password-Here</Value>
<PlainText>true</PlainText>
</Password>
</AutoLogon>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Other</NetworkLocation>
<ProtectYourPC>3</ProtectYourPC>
</OOBE>
<TimeZone>UTC</TimeZone>
<RegisteredOrganization>Amazon</RegisteredOrganization>
<RegisteredOwner>EC2</RegisteredOwner>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RegisteredOrganization>Amazon</RegisteredOrganization>
<RegisteredOwner>EC2</RegisteredOwner>
<ComputerName>*</ComputerName>
<CopyProfile>true</CopyProfile>
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Identification>
<UnsecureJoin>False</UnsecureJoin>
<Credentials>
<Domain>Enter-Domain-Name-Here</Domain>
<Password>Enter-Password-Here</Password>
<Username>Enter-Username-Name-Here</Username>
</Credentials>
<JoinDomain>Enter-Domain-Name-Here</JoinDomain>
<MachineObjectOU>OU=Session Hosts,OU=Servers,DC=MyDomain,DC=local </MachineObjectOU>
</Identification>
</component>
<component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<UserAuthentication>0</UserAuthentication>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>net user Administrator /ACTIVE:YES /LOGONPASSWORDCHG:NO /EXPIRES:NEVER /PASSWORDREQ:YES</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>"C:\Program Files\Amazon\Ec2ConfigService\ScramblePassword.exe" -u Administrator</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>3</Order>
<Path>"C:\Program Files\Amazon\Ec2ConfigService\Scripts\SysprepSpecializePhase.cmd"</Path>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
</settings>
<cpi:offlineImage cpi:source="wim:c:/wimbuild/server2008r2x64/install.wim#Windows Server 2008 R2 SERVERDATACENTER" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>[/code]

Download https://technet.microsoft.com/en-us/sysinternals/bb963905.aspx. Install it/ run it and enter your domain credentials

Now you are ready to sysprep. Run ec2config and on the Image Tab, click on “Shutdown with Sysprep”

windows ami-ec2config

Wait for the instance to Shutdown. Go on Amazon EC2 Dashboard -> Instances, click the Windows instance and create an image.

When image is ready launch a new EC2 from it and watch it joining the domain and autologin.

Next you can create a launch configuration and autoscaling group

*Note: If you wish you can tweak ec2config settings before running sysprep

Leave a Reply

Your email address will not be published. Required fields are marked *