Offline domain join through sensitive userdata blob

Registered by Cosmin Poieana on 2015-07-16

I. The sethostname plugin should check for specific userdata (starting with "ARAIAMzMz") and if such data is present, then these things happen:
a. The content of the userdata is passed through a temporary file for an offline domain join: "djoin.exe /requestODJ /loadfile <path> /localos /windowspath %systemroot%"
b. The rest of the hostname logic is not executed (there is no reason for setting a host name)
[c. Even the logic from the setuserpassword shouldn't get executed (the blob contains a password too)] - NO

II. This blob can also appear as one part of multi-part userdata, and it should be processed if found, meaning that:
a. The userdata plugin should execute first, and the part containing the blob should be prioritized so that the other parts can be made aware of it (if required)
[b. The data may be in gzip format, but this will not complicate the check] - ASSUME TEXT
c. An additional userdata plugin should be created to actually make the offline djoin

III. There should be (non) multi-part checks under (sub)plugins which involve setting:
a. The host name.
[b. A password for the user.] - NO

IV. Finally, this plugin will require a reboot and, in the multi-part case, certainly a re-execution.

* Leave the multipart feature for a later patch.
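
The non-multipart flow from items I and IV, as an added example that is not the project's code. The names handle_userdata and build_djoin_command, the injectable run parameter, the .odj suffix, the C:\Windows fallback and writing the userdata bytes unchanged to the file are assumptions of this example.

```python
import os
import subprocess
import tempfile

ODJ_PREFIX = b"ARAIAMzMz"  # marker named in the blueprint


def build_djoin_command(blob_path, system_root):
    # Argument list (no shell), so %systemroot% must be resolved by the caller.
    return ["djoin.exe", "/requestODJ", "/loadfile", blob_path,
            "/localos", "/windowspath", system_root]


def handle_userdata(userdata, run=subprocess.check_call, system_root=None):
    """Return (handled, reboot_required) for raw userdata bytes."""
    if not userdata.startswith(ODJ_PREFIX):
        return False, False  # not a blob: normal hostname logic continues
    # Assumption: fall back to C:\Windows when SystemRoot is not set.
    system_root = system_root or os.environ.get("SystemRoot", r"C:\Windows")
    # mkstemp opens with O_EXCL, so an existing file or link is never reused.
    fd, path = tempfile.mkstemp(suffix=".odj")
    try:
        with os.fdopen(fd, "wb") as blob_file:
            blob_file.write(userdata)  # assumption: bytes written unchanged
        run(build_djoin_command(path, system_root))
    finally:
        os.remove(path)  # the blob contains a password; never leave it on disk
    return True, True  # hostname logic skipped, reboot required (item IV)


if __name__ == "__main__":
    sample = ODJ_PREFIX + b"AAAA"  # constructed sample, not a real blob
    print(handle_userdata(sample, run=print, system_root=r"C:\Windows"))
```

The temporary file is removed even when djoin.exe fails, so a failed join does not leave the blob behind.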

Blueprint information

Status: Started
Approver: Alessandro Pilotti
Priority: Undefined
Drafter: Cosmin Poieana
Direction: Needs approval
Assignee: Cosmin Poieana
Definition: Discussion
Series goal: None
Implementation: Slow progress
Milestone target: None
Started by: Cosmin Poieana
