Introduction
When setting up the configuration for Drop Ship Provisioning (Offline) and you’ld like to configure the hostname format, You may be disappointed when you notice the little forbidden icon:
If you export the unattended.xml file from the UEM console, you’ll see the following output for the <hostname> attribute:
<ComputerName>*</ComputerName>Looking at the Microsoft documentation, there’s indeed not a lot of options you can pick from:
- If ComputerName is not specified, a random computer name is generated.
- If ComputerName set to an asterisk (*) or is included but empty (“”), Windows creates a random 15-character name using up to 7 characters from FullName and Organization, then a dash, then more random characters.
So VMware is simply following Microsoft guidelines.
Now, there might be reasons for you to want to set a hostname following your own standards, rather than the combination of ‘Organization Name + random string’.
Solution
Here’s how I worked around that by editing the unattend.xml file:
In the last bit of the unattend.xml file, you’ll find the <FirstLogonCommands> section. As the name implies, these commands are run immediately after the first user logs in to the OS. They are numbered, meaning they run one after the other.
In my case, I had to make sure the hostname matches the serial number of the device, so I added this <SynchronousCommand> in the <FirstLogonCommands> section and made sure it was executed as first command:
<SynchronousCommand wcm:action="add">
<CommandLine>C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -noprofile -command "(Get-WmiObject win32_computersystem).Rename((Get-WmiObject 'win32_bios').serialnumber.trim())"</CommandLine>
<Description>Rename PC to Serial</Description>
<Order>1</Order>
<RequiresUserInput>false</RequiresUserInput>
</SynchronousCommand>Since we also had to domain join the devices, a reboot prior to the domain join is required. To achieve that, I added a reboot command to the unattend.xml:
<SynchronousCommand wcm:action="add">
<CommandLine>C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -noprofile -command "shutdown /r /t 0; cmd.exe /K restarting computer to set name"</CommandLine>
<Description>Reboot to Rename</Description>
<Order>2</Order>
<RequiresUserInput>false</RequiresUserInput>
</SynchronousCommand>Notice the second part of the instruction:
cmd.exe /K restarting computer to set nameAll the commands in the <FirstLogonCommands> section are executed immediately after the previous one has completed. So if I would only use ‘shutdown /r /t 0’, the device would continue with the next command, even before the reboot had been properly completed. As the next command in our unattend.xml happens to be the command that enrolls the device in UEM, this resulted in a failed enrollment.
To prevent the unattend.xml from starting this enrollment command, we launch a CMD window that remains open – thus preventing the second command to be marked as completed – until the device has completely stopped all processes and rebooted.
Once rebooted, Windows continues to process the unattend.xml file and initiates the third command to enroll your device in UEM, without being interrupted but with the hostname format of your choosing.
PS: you can add more complex commands to set the hostname format, as long as you can make it fit on one line. ChatGPT has been very helpful to me to construct the following example, where I prepend LT- to the serial if it’s a laptop / DT- if it’s a desktop / VM- in case we’re dealing with a VM.
<CommandLine>C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -noprofile -command "$sn=(Get-WmiObject -Class Win32_BIOS).SerialNumber; $ct=(Get-WmiObject -Class Win32_SystemEnclosure).ChassisTypes; $prefix=if($ct -contains 1){'VM-'} elseif($ct -contains 8 -or $ct -contains 9 -or $ct -contains 10 -or $ct -contains 14){'LT-'} elseif($ct -contains 3 -or $ct -contains 4 -or $ct -contains 5 -or $ct -contains 6 -or $ct -contains 7){'DT-'} else {''}; Rename-Computer -NewName ($prefix+$sn) -Force"</CommandLine>Note: These <FirstLogonCommands> only run with elevated privileges if you log in with an administrator account. Since renaming the device requires elevated privileges, make sure your unattend.xml is configured to automatically log in using the local admin once.
<AutoLogon>
<Username>Administrator</Username>
<Enabled>true</Enabled>
<LogonCount>1</LogonCount>
<Password>
<Value>XXXXXXXXXXXXXXXX</Value>
<PlainText>false</PlainText>
</Password>
</AutoLogon>Here’s the complete unattend.xml file I used for your reference.
Enjoy!