Offline domain join through sensitive userdata blob
I. The sethostname plugin should check for specific userdata (starting with "ARAIAMzMz"). If such data is present, the following happens:
a. The content of the userdata is passed through a temporary file for an offline domain join: "djoin.exe /requestODJ /loadfile <path> /localos /windowspath %systemroot%"
b. The rest of the hostname logic is not executed (there is no reason for setting a host name)
[c. Even the logic from the setuserpassword shouldn't get executed (the blob contains a password too)] - NO
II. This blob of information can also be found in multi-part userdata, and it should also be processed if it is found, meaning that:
a. The userdata plugin should execute first and, somehow, the specific part containing the blob should also be prioritized to let the others know about it (if required)
[b. The data may be in gzip format, but this will not lead to complications from a checking point of view] - ASSUME TEXT
c. An additional userdata plugin should be created to actually make the offline djoin
III. There should be (non) multi-part checks under (sub)plugins which involve setting:
a. The host name.
[b. A password for the user.] - NO
IV. Finally, a reboot will be required for this plugin and, in the multi-part case, certainly a re-execution of it.
* Leave the multipart feature for a later patch.
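The flow in I.a and I.b, written out as an added Python example (not code from the blueprint or from the project): detect the marker, stage the blob in a private temporary file, call djoin, and always remove the file because the blob contains a password. The function names and the injectable `run` parameter are assumptions of this example, and the blob is written exactly as received.

```python
import os
import subprocess
import tempfile

ODJ_MAGIC = b"ARAIAMzMz"  # userdata prefix named in the blueprint


def is_odj_blob(userdata: bytes) -> bool:
    """True when the userdata starts with the offline-domain-join marker."""
    return userdata.startswith(ODJ_MAGIC)


def build_djoin_command(blob_path: str) -> list:
    """The djoin.exe invocation from step I.a, as an argument list (no shell)."""
    windows_path = os.environ.get("SystemRoot", "%systemroot%")
    return ["djoin.exe", "/requestODJ", "/loadfile", blob_path,
            "/localos", "/windowspath", windows_path]


def offline_domain_join(userdata: bytes, run=subprocess.check_call) -> bool:
    """Hand an ODJ blob to djoin; return True when a reboot is now required.

    Returns False for ordinary userdata so the caller can continue with the
    normal hostname logic. `run` is injectable so the flow can be tested
    without djoin.exe (assumption of this example).
    """
    if not is_odj_blob(userdata):
        return False
    # mkstemp creates the file readable and writable only by the creating
    # user, which matters because the blob carries a password.
    fd, path = tempfile.mkstemp(prefix="odj-", suffix=".blob")
    try:
        with os.fdopen(fd, "wb") as handle:
            handle.write(userdata)  # written as received; never logged
        run(build_djoin_command(path))  # check_call raises on non-zero exit
    finally:
        os.remove(path)  # remove the blob even when djoin fails
    return True
```
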
Blueprint information
- Status: Started
- Approver: Alessandro Pilotti
- Priority: Undefined
- Drafter: Cosmin Poieana
- Direction: Needs approval
- Assignee: Cosmin Poieana
- Definition: Discussion
- Series goal: None
- Implementation: Slow progress
- Milestone target: None
- Started by: Cosmin Poieana
- Completed by