diff options
| -rw-r--r-- | posts/installing-windows-madison.md | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/posts/installing-windows-madison.md b/posts/installing-windows-madison.md index 2e1c04c..b1da2d2 100644 --- a/posts/installing-windows-madison.md +++ b/posts/installing-windows-madison.md @@ -1,12 +1,59 @@ -title: installing Windows at Madison +title: Windows 11 Deployment date: 2025-06-24 Here are my "public notes" for how to install Windows properly on University of Wisconsin--Madison machines. # Create Bootable USB +Create a [Ventoy USB Drive](https://www.ventoy.net/). + +Download [Windows 11 ISO](https://www.microsoft.com/en-us/software-download/windows11) and add to Ventoy. +Note you want Windows 11 Pro. + # Install Windows with Offline Account +Assuming you are overwriting an existing Windows machine, you probably need to bypass fast start up to access the boot menu and/or BIOS. +The first step is to boot into Windows "Troubleshoot" mode. +On Windows 10, this can be done through "Advanced Startup" > "Restart Now". + +In the Windows Troubleshoot Menu, "Troubleshoot" > "Advanced" > "Advanced". +This should get you into the boot manager so you can boot from Ventoy. +You might need to modify the BIOS settings to allow booting from the USB stick, that all depends on the machine. + +Once you boot the Windows Installer, remove all the existing partitions. +Give the machine a name like "CHEM-WK-624A", where "WK" means workstation and "624A" can be anything you want. +Create a local account called "comphelp" with a temporary password you can remember. +By naming your account "comphelp" the Active Directory rules will clobber your password, which is convinient. +Finish the install process and reboot into Windows 11. + # Force Windows to Join Active Directory +Comphelp has created a special account which only has the permission to force machines onto Active Directory. +This is a safe action, so the account credentials are fine to share publically. + +Open Powershell as Admin. +Create the credential object: + +``` +PS C:\Users\comphelp> $credential = Get-Credential +``` + +Enter in the special account credentials: + +``` +AD\svc-djoin-chem +XsZLaQLC/g,y_Y7V@C[f +``` + +Now, add the computer to AD: + +``` +Add-Computer -DomainName ad.wisc.edu -OUPath "OU=Computers,OU=CHEM,OU=orgUnits,DC=ad,DC=wisc,DC=edu" -Restart -Credential $credential +``` + # Get Admin + +Email comphelp@chem.wisc.edu with the name of the computer and ask for Admin permissions. +They will be able to allow this in the domain controller. + +Once you have rights, you have to run the "Make Me Admin" application to actually elevate permissions. |