Azure-Arm Windows Domain Join

I am trying to build a fully baked image in Azure inclusive of software that requires the machine to be a domain member as a golden image source for Citrix. I am able to use a similar process and set of PowerShell scripts to provision against our VMware clusters.

I have spent several days in Google with not too much success.

The build works up until I invoke the windows-restart provisioner following the execution of the domain join via the PowerShell script. I am receiving a 401 error in the Packer log. I have tried various things to reconfigure WinRM within the VM prior to the restart but nothing has worked.

Is Packer capable of creating a domain join VM image using Azure-ARM that includes executing scripts after the domain join and required reboot? If so, is there an example that could be referred to?

I know this is old, but I’m in the same position.

Did you find a solution?

I use a domain join extension as a post configuration.

I am in the same boat. Trying to join a Citrix image to our domain, but it fails the second the machine joins the domain (actually even before the restart). With some tests, I am pretty sure that is because the authentication with winrm changes to try and authenticate to the domain, but our Packer user specified with winrm_user is not on the domain, so it loses the connection with the machine completely.

I am still investigating this and posted an issue on Packer’s GitHub… personally the domain join extension would really be a last resort, but we’ll see!

Same boat but I found a workaround for the problem with the broken WinRM connections. Check my blog post: HashiCorp Packer - azure-arm and Domain-Join Issue with WinRM - CitrixGuyBlog