Configure the Auto-Add Policy

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2

The Auto-Add policy specifies that administrative approval is required before unknown computers (computers that have not been prestaged in Active Directory Domain Services (AD DS)) are allowed to install an operating system. When you enable this policy, clients that are awaiting approval will be shown in the Pending Devices node of the MMC snap-in. If you approve the pending computer, the computer will continue booting from the network, and a computer account object will be created in AD DS to represent the physical computer. This is helpful because it gives you the ability to prestage computers without needing to know the client computer's GUID or MAC address in advance. If you reject the computer, the network boot will stop, the computer will boot from the next item in the boot order, and a computer account will not be created.

If you do not enable the Auto-Add policy, Windows Deployment Services will not create a computer account for unknown clients when they first PXE boot. However, an account will still be created as part of the installation if the server is configured to join clients to the domain. To configure this setting, right-click the server, and click Properties. On the Client tab, see the Joining a Domain section.

For more information, see Prestaging Client Computers (https://go.microsoft.com/fwlink/?LinkID=131987).

To configure the Auto-Add policy

  1. Right-click the server and click Properties.

  2. On the PXE Response tab, click Respond to all client computers (known and unknown), and then select Require administrator approval for unknown computers.

  3. To modify the statement that client computers are shown when they are in the pending state, run WDSUTIL /Set-Server /AutoAddPolicy /Message:<message>.

  4. Configure the settings for unknown clients. For a list of procedures, see the “Specify Settings for Pending Computers” section at How to Manage Client Computers (https://go.microsoft.com/fwlink/?LinkID=115265).

  5. When an unknown computer boots to the server, the computer will appear in the Pending Devices node of the MMC snap-in. For a list of the actions you can take at this time, see the “Approve and Reject Pending Computers” section of How to Manage Client Computers (https://go.microsoft.com/fwlink/?LinkID=115265).

Additional references