Manually installing Ubuntu 24.04.x on WSL on Windows 11 without using the Microsoft Store

#Installing Ubuntu 24.04.x on WSL on Windows 11

#These two items are the minimum install:

#If you want bridged networking then you also have to install Hyper-V so you can create a bridged virtual switch.

#Reboot


Update WSL:

#Other wsl.exe options include:

#Installing WSL with a Custom Tarball

When the Microsoft Store is disabled, you can manually install WSL by downloading a custom tarball. In my case, I have downloaded ubuntu-noble-wsl-amd64-wsl.rootfs.tar.gz from the Ubuntu Cloud WSL Image page. This tarball contains the root filesystem for Ubuntu, which you can use to manually set up WSL without needing the Store.

#Download the WSL image you need from the link below:

https://cloud-images.ubuntu.com/wsl  #Look for Noble folders

#Then run the command below from and elevated command prompt:

A few things to note:

      • To use WSL without the Microsoft Store, for me, Developer Mode needed to be enabled on my Windows system. This had to be done through Microsoft Intune by duplicating and assigning a policy that allows Developer Mode. Please be sure that installing WSL is approved by your IT department before installing if you are on a computer that you use for work purposes.
      • You will initially be logged in as root and this is not meant to be your primary user, at all. Many things only run as root and many more will not run as root. You do not want to leave this, as is, even in a non-production environment.

#This is the version that is current for me now but there are updates so keep reading.


#Set WSL distribution’s virtual disk is set to be sparse:

#This will allow the virtual disk to automatically shrink when files are removed from the distribution

#Another way to manually set a WSL installation to sparse

#Add sparseVhd=true to the [wsl2] section of your .wslconfig file. The .wslconfig file doesn’t already exist most likely. It is located in windows in your home directory usually located at c:\users\username\.wslconfig

#It is not common for a windows file name to begin with a . but that is not a typo. . is the identifier for hidden files in Linux.

#Now manually imported  Linux distributions do not automatically read .wslconfig files so you also need to download wsldl.exe and set that up to launch with as described later on in this post.


#To use the wsldl.exe launcher with your imported WSL distribution and enable it to utilize the .wslconfig file, follow these steps:

#Steps to Configure wsldl.exe

  1. Download wsldl.exe: Ensure you have the latest version of wsldl.exe from the official wsldl repository .
  2. Prepare Your Directory:
    • Create a folder where you want to store your distribution.
    • Place the downloaded wsldl.exe in this folder and rename it to the desired name for your distribution (e.g., MyDistro.exe) .
  3. Add Your Root Filesystem:
    • Place your exported root filesystem tar file (e.g., rootfs.tar.gz) in the same directory as wsldl.exe. Ensure that the tar file is named correctly as rootfs.tar.gz .
  4. Run the Launcher:
    • Right-click on the renamed wsldl.exe (e.g., MyDistro.exe) and select “Run as administrator.” This step is crucial for proper registration and functionality .
  5. Configure .wslconfig:
    • Create or edit a .wslconfig file in your Windows user directory (usually located at C:\Users\<YourUsername>\.wslconfig). This file allows you to set various WSL configurations, such as memory limits and processor settings.
    • Example content for .wslconfig:
      text
      [wsl2]
      memory=4GB
      processors=2
  6. Launch Your Distribution:
    • After running the launcher, you can access your distribution via the command line using its name (e.g., MyDistro). This will allow it to recognize and utilize settings specified in .wslconfig .

#Your imported WSL distribution should now work with the wsldl.exe launcher and respect the configurations set in your.wslconfig file.


#Change the default user for a distribution using wsldl.exe

#Change the default user username for your distribution log-in. The user has to already exist inside the distribution in order to become the default user.

#For example: Ubuntu config --default-user johndoe would change the default user for the WSL instance called “Ubuntu” to the “johndoe” user.

#Note:

#If you are having trouble figuring out the name of your distribution, use the command wsl -l.

#Warning:

#This command will not work for imported distributions, because these distributions do not have an executable launcher. You can instead change the default user for imported distributions using the /etc/wsl.conf file. See the Automount options in the Advanced Settings Configuration doc.


#Update and configure Ubuntu 24.04.x LTS on Windows 11 WSL

#Run update for the first time to initialize apt

#Install the necessary packages that allow apt to use packages over HTTPS:


#Suppressing Pro updates in Ubuntu 24.04.x LTS
 
#Next, also comment out ALL the lines by using arrow keys to navigate, and adding # for each line. When done, press Ctrl+S to save and Ctrl+X to exit.

#Add a new primary user

#Enter a new password and provide any user information you wish to then add the new user to sudousers.

#Edit the /etc/wsl.conf file:
#Open the /etc/wsl.conf file in a text editor. You might need to create this file if it doesn’t exist:

#Add the Configuration for the Default User:
#Add the following lines to the file to set the default user:


#Enable bridged networking instead of NAT

#Create a new bridged virtual switch called WSL

#List configured virtual switches

#Nexts steps to enable bridged networking and to disable IPv6 in WSL2

#Edit the .wslconfig File:

#Create or edit the .wslconfig file located in your user directory (typically C:\Users\<YourUsername>\.wslconfig).

#These settings tell WSL2 to disable IPv6 at the kernel level and to use the virtual switch called WSL.  If you want IPv6 spport then simply omit that line from your .wslconfig

#Add the following lines to the file:

#After saving the changes, you need to shut down WSL for the changes to take effect. You can do this by running the following command in PowerShell or Command Prompt:


#Enable syncookies, disable responses for pings to the broadcast, enable ip spoof protection, disable ICMP redirects and disable source routing. You can do so by adding the following lines to /etc/sysctl.conf

#If you are using NAT rather than bridged networking

#You do not need to do this if you are using bridged mode and DHCP is automatically obtained from your primary DHCP server.

    • WSL NAT mode gives your Linux environment a private IP and makes all traffic appear to come from your host’s IP. This hides your WSL instance from direct access from the Internet, providing a layer of protection.

    • WSL bridged mode lets your Linux environment get its own IP on the network, like a separate computer. This means your WSL session is directly reachable from the Internet or other devices on the network, so it’s more important to secure it properly.

#This means NAT hides WSL behind your host’s IP, while bridged mode makes WSL act like its own device on the network.

#Set permanent DNS to an external DNS provider for NAT

#To prevent the /etc/resolv.conf file from being automatically generated and overwritten by WSL via /etc/wsl.conf

#Add:

#The /etc/resolv.conf file is often a symlink to another file that gets automatically generated. To prevent it from being overwritten, you should remove the symlink and create a regular file:

#List contents of /etc/resolv.conf

#Default Settings in an automatically created resolv.conf

#Get DNS Status

#Remove the existing symlink:

#Create a new /etc/resolv.conf file:

#Edit the new file to add your preferred DNS servers. For example:

#Add additional DNS servers (note tee -a (for append))


#Install and configure zsh shell

#Install zsh (git is needed for the theme I use)

#Configure zsh as your default shell. 

#Run zsh

#Press 2 to create a default config file if prompted


#Configure zsh for root user. You do not need to do this step if you don’t use sudo -i like I do. Operating like that is not recommended but often I am in a non-production environment when I do so exit. This will not work if you were not prompted to create a default .zshrc file. You can run this later if you need to after installing oh.my.zsh.


#Install oh.my.zsh

#I use the Powerlevel10k theme. You can download it from here. This is a per use install and should be installed on a non-root user 1st then sudo -i if you want that too.

#Edit .zshrc configuration file

#Change to:

#Source ~/.zshrc to change to powerlevel10k ohmyzsh theme.

#Answer questions about your screen for customized terminal font support

#Output:


#Create Mount Points in WSL

#Create directories in WSL where you want to mount the CD-ROM drives:

#Check This PC in Windows 11 if you are unsure which drive letter your optical drives uses.

#If your CD/DVD is at D:\ in Windows

#If your CD/DVD is at E:\ in Windows

#Mount the CD-ROM Drives Using drvfs

#If your CD/DVD is at D:\ in Windows

#If your CD/DVD is at E:\ in Windows

 

#Part 2 is on it’s way. (Next Steps to configuring Ubuntu 24.04.x LTS in Windows 11 WSL)

Delete Opera Splash Screen and Other Opera Annoyware

#Delete Opera Splash Screen and Other Opera Annoyware

#Let’s just start with why they are forcing a Splash Screen in the first place… who knows but I am thinking they are stuck in a different decade. I just delete all the automatic crap. The Opera Browser remains working for me without the files removed by my code. I even setup a MagicWord in Brayden SlickRun to do this for me by simply typing dop. 

#Just the code:


#Longer Story

#I use Chocolatey to update my system, when I decide, so all these browsers forcing updates every other day is just extra annoying for me. Opera doesn’t provide an option to do manual updates. Removing the opera_autoupdate.exe file seems to work well.

#Patch testing and phased implementations are a thing of the past.  The cloud and any applications that deal with the cloud are basically beta software that can hardly be trusted for anything important or secure. Anyone that has to update several times a week hasn’t done a good job in the first place.  Trying to keep up with the cloud is a daunting task for programmers but I do not need forced updates and “features” like a splash screen also forced upon me after almost daily updates. I would understand if there were just an option, that worked, to disable all that. I use a 3rd party updater. It has issues when Opera updates itself and I just don’t need forced screen delays when I load software. It is just dumb.  Firefox just updated on me while I was using it in Linux with a Canonical install using apt. They had a hidden background update option enabled and it installed then killed all my private windows.

#Also I don’t want my browser running in the background every time I login or Edge, which I never use. Why would I want that? It doesn’t do anything for me when they do that. I can only imagine it benefits them somehow to take up some of my resources when I am using Firefox or Chrome instead.

#I use Opera for real work. It is not a toy for me. It does some things better than other more popular browsers but they have always focused more on monetizing it more than just being the best which is why I never recommend it to anyone.

Use PowerShell to Make All Files in a Folder to Lowercase Instead of Uppercase

#Use PowerShell to Convert All Files in a Folder to Lowercase Instead of Uppercase

#Here’s a PowerShell script to convert all filenames in a folder to lowercase:

#Just the code


#Longer Story

#When attempting to convert filenames to lowercase from a CD-ROM using PowerRename, I encountered challenges primarily due to file system limitations, specifically with ExFAT partitions. The led me to develop a PowerShell script that effectively renames files and discovered that the script only works when files were first copied to an NTFS partition.

#ExFAT Limitation

#ExFAT (Extended File Allocation Table) is a file system designed for flash drives and external hard drives. While it offers advantages like large file size support and cross-platform compatibility, it has some limitations when it comes to file operations:

  1. Case Sensitivity: ExFAT is case-preserving but case-insensitive. This means it maintains the case of filenames as they were created, but doesn’t distinguish between uppercase and lowercase when accessing files.
  2. Rename Operations: Some tools and scripts may have difficulty renaming files on exFAT partitions due to how the file system handles these operations
  3. Permissions: ExFAT doesn’t support the same level of file permissions as NTFS, which can affect certain operations

#PowerRename and ExFAT

#PowerRename, a PowerToy utility, may show that it’s working on ExFAT but fails to actually rename the files.

#NTFS Compatibility

NTFS (New Technology File System) is more robust and supports a wider range of file operations.

Install Microsoft OpenSSH.Server package from PowerShell and set SSHD service to Automatic

#Install Microsoft OpenSSH.Server package from PowerShell and set SSHD service to Automatic


#Just the code:


#The long story…

#Add OpenSSH Server capability to Windows 10 and Windows Server 2019

#OpenSSH Server needs to be installed via Remote Desktop Protocol (RDP) or from a local PowerShell session to allow incoming SSH connections and tunnels.

#OpenSSH Client is now included with Microsoft Windows 10 and Microsoft Windows Servers. This package only needs to be installed on the remote side of a tunnel. OpenSSH Client is required on the computer initiating the connections or tunnels and is installed by default in the latest version of Windows 10, Windows Server 2019 and Windows Server 2022.

#Add-WindowsCapability does not work for the OpenSSH.Server package via Enter-PSSession for some reason.

#Set the SSHD service to Automatic

#Start the SSHD service


#Use this command to verify that OpenSSH Client is installed

#Verify the incoming Windows Firewall rules for OpenSSH Server were properly created

Use PowerShell to create an SSH tunnel for a Remote Desktop Connection (RDP) to another computer with OpenSSH-Server installed

#Use PowerShell to create an SSH tunnel for a Remote Desktop Connection (RDP) to another computer with OpenSSH-Server installed


#Just the code:


#The Long Story…

#Remote Desktop Protocol (RDP) is great but it is not very secure. This is one way to make your RDP connections more secure using a Secure Shell (SSH) tunnel.  This may work in Powershell 7 but isn’t the best way to do it.

#Install SSH Server on Windows 10 or Windows 2019

http://winrollup.com/install-microsoft-openssh-server-package-from-powershell-and-set-sshd-service-to-automatic

#Use PowerShell to open SSH in a cmd.exe window that will control the SSH tunnel.

#The commands will pause while you login to the SSH tunnel session. In this example 127.0.0.3:13889 is the tunnel entrance. 10.4.0.12:3389 is the tunnel destination and will most likely be different for you. In my case it is a Microsoft Windows Server 2019 server that I connect to from a Windows 10 Professional client.

#10.4.0.12 is the address of the SSH server and sshuser is an account on the destination machine. The account used doesn’t need additional rights beyond User rights on Windows 10 to create the tunnel but you will need additional rights to connect via RDP.

#Login to SSH tunnel

#Type in the password for sshuser

#The first time you connect to a new SSH host computer you must accept the SSH key that is presented. Type yes if prompted with a message similar to the text below.

ssh tunnel login screen

#Leave this window open. Minimize if you need to but it needs to stay running for the tunnel traffic to use.

#This will end with a window that looks like it hangs after you login. It is not hung. That window is where the tunnel runs through. Do not close it. Minimize the window and go back to your script. Press Enter to continue…

SSH tunnel active after a successful login win10 server2019

#Go back to the PowerShell window and press Enter to launch mstsc.exe and make a Remote Desktop Connection using the new SSH tunnel.

setup ssh tunnel rdp powershell win10 server2019

#Launch mstsc.exe with the new loopback IP and made up port number

#Use the & call operator to force PowerShell to treat the string as a command to be executed and run mstsc.exe which is the Windows command to launch the Remote Desktop Services client also know as Microsoft Terminal Services client (mstsc).

rdp ssh tunnel active win10 powershell


#I used code and knowledge from the page linked below to create this but the code I use is modified to combine techniques and concepts shown there when using PowerShell. 

#This site has information on using Putty and Linux to create SSH tunnel connections as well.

https://www.saotn.org/tunnel-rdp-through-ssh/

 

 

 

Setup a New Microsoft Windows Server 2019 Core Installation to Accept Incoming PowerShell Connections in a Workgroup

#Setup a New Microsoft Windows Server 2019 Core Installation to Accept Incoming PowerShell Remoting connections in a Workgroup


#You will not need to do this if you perform your PowerShell tasks directly from a domain connected computer.  You need this if you have virtual machines or headless devices… or just plain lazy. Also not everyone has a domain controller and sometimes even a Hyper-V host computer will remain in a workgroup since it might host the domain controller and it is off topic… I work in PowerShell ISE for the most part and connect to where ever I need to.


#This is the first steps after a fresh clean install of Microsoft Windows Server 2019 Core to allow PowerShell Remoting and WSMan.

Initial Screen Ctrl, Alt,_Del_Server 2019 Core

#Press Ctrl-Alt-Delete to begin configuring Microsoft Windows Server 2019 Core

Change password before signing in Server 2019 Core

#Press Enter to select OK to change password

Set local administrator password Server 2019 Core

#Set password for .\administrator

Your password has been changed Server 2019 Core

#This initial password is for the local administrator account .\administrator is also a way to access this account. It is not part of active directory and therefore doesn’t fall under the Active Directory password policy. Do not make it something easy to guess. The standard policy require 8 characters minimum with upper and lower case letters, numbers and symbols. I suggest you follow that as this password will be passed to your initial domain administrator account, where it will fail to work, so it is just best to avoid issues.

Microsoft Windows Server 2019 Core command prompt Server 2019 Core

#This is cmd.exe start screen for Microsoft Windows Server 2019 Core. Type sconfig to bring up the cheater menu.

Run Powershell Server 2019 Core

#Type powershell and press enter to start a PowerShell session directly in Microsoft Windows Server 2019 Core cmd.exe prompt.

Enable-PSRemoting -Force Server 2019 Core

#Type Enable-PSRemoting -Force to enable PowerShell Remoting. You can use -SkipNetworkProfileCheck to allow management requests on a network Microsoft Windows has categorized as Public such as Hotspots and new unrecognized networks.

Get-Item WSMan clients trustedhosts Server 2019 Core

#This will show you what computers you “trust” to connect remotely via PowerShell Remote, no remote hosts are allowed by default.

Set-Item -Value IP addresses and computer names verify Server 2019 Core

#This creates a list of computers you “trust” so that you wish to make outgoing PowerShell Remote connections. It doesn’t need a value if you don’t plan to connect to other computers from this new server and/or just use a management PC. 

#This is not a list of computers that are allowed to use Enter-PSSession to connect to the new server and most likely you need to run this command on a Windows 10 management PC instead. You would include either the IP address of the new server, the computer name of the new server or ‘*’ if you want to be able to connect to anywhere.

#The code below will add entries to the TrustedHosts rather than overwrite them:

You can now connect via Eter-PSSession Server 2019 Core

#You can use either the server IP address or computer name if you need to perform this step.  I choose to use both so I avoid any issues when connecting. You need to type y and press Enter to confirm.  A value of ‘*’ allows the server to connect to any remote host.

#Now you can use Enter-PSSession to connect to your Microsoft Windows Sever 2019 Core install to configure it using PowerShell or RSAT tools.


#At this point you probably do not have Active Directory installed so you would use the command below to connect to the server. I use PowerShell ISE to open my list of common commands and just run them remotely from my desktop computer. After the -Cn is whatever IP address or computer name you added to WSMan:\localhost\Client\TrustedHosts


#If you are running Microsoft Windows 2019 Core on Hyper-V then you can connect the way shown above from anywhere. You could connect the way below, from the Hyper-V host, if that isn’t also a core installation.  Be aware that connecting -VMName Vs. -ComputerName can cause some commands to behave differently or not at all.

Installing and configuring PowerShell 7.2.1 on 64-bit Server 2019 and Windows 10

#Installing and configuring PowerShell 7.2.1 on 64-bit Server 2019 and Windows 10

#The installation commands shown here are for the latest stable release of PowerShell 7

#To be honest I don’t recommend upgrading if you plan to keep using all your existing scripts and commands without issue.  That most likely will not happen. PowerShell 7 doesn’t work well with Microsoft 365 and Microsoft Azure.  The login command fails, for example.  There might be a work around using the Microsoft Graph API but I haven’t managed to get that working.  The differences between PowerShell 5 and PowerShell 7 are discussed here.

 #I need to use the older Microsoft only releases of PowerShell for most of what I do.  PowerShell 7 does work on many non-Windows platforms but do not expect to use PowerShell 7 to manage your hard drives in Linux.  PowerShell 5.x and PowerShell 6.x only work on Microsoft Windows-based computers.

#It should also be mentioned that PowerShell 5 and PowerShell 7 run along side each other and is determined by which shell you choose to work in.  Another problem is that PowerShell ISE is not designed to work with PowerShell 7 and not included.


From Microsoft: 

#Is PowerShell ISE going away?

 
The PowerShell ISE is no longer in active feature development. As a shipping component of Windows, it continues to be officially supported for security and high-priority servicing fixes. … Users looking for replacement for the ISE should use Visual Studio Code with the PowerShell Extension.
 

 

PowerShell 7.2.1 can be downloaded for 64-bit Windows-based operating systems from the link below: 

https://github.com/PowerShell/PowerShell/releases/download/v7.2.1/PowerShell-7.2.1-win-x64.msi

Get more information about the latest version of Microsoft PowerShell 7.2 LTS from the link below:

https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.2


#Open firewall to allow PowerShell access to and from other computers on your network:

 

Install AD-Domain-Services And Configure A New Domain On Windows Server 2016

#Install AD-Domain-Services And Configure A New Domain On Windows Server 2016

#This is to install and configure a new Active Directory domain called domain.winrollup.int with a short name of domain. You will be disconnected from Microsoft PowerShell at the end of the procedure if you are connected via WinRM or PowerShell Direct. You’ll need to restart the server and login with domain\username credentials when you reconnect. 

#Just the code:


#The Longer Story…

#This is just to install a single domain on Windows Server 2016 using PowerShell commands.

#Install AD-Domain-Services feature in Windows Server 2016 using PowerShell Direct

#Import the ADDSDeployment module that contains Install-ADDSForest

#Create domain and forest

#-DomainMode 7 and -ForestMode 7 are for Server 2016 domain and forest mode. These settings should be modified if compatibility for previous Active Directory domain and forest mode support is needed. I do not see these settings on the Microsoft help page for Install-ADDSDeployment but if you use the GUI wizard method then Server 2016 mode is the default used there and this will be added when they update the Install-ADDSDeployment TechNet page past Server 2012 R2.

#The -DomainNetbiosName is different from a Netbios Computer Name and is what is used when logging in so domain\administrator is as valid as logging into domain.winrollup.int\administrator.

 

#Full Output of Install-ADDSForest:

#Restart the server.

#Reconnect to PowerShell Direct using the DOMAIN\administrator account after reboot from Install-ADDSForest is complete.

Manage Active Directory Users And Computers Using Windows 10 In PowerShell Direct Without CredSSP Or “Second-Hop” Issues

#Manage Active Directory Users And Computers Using Windows 10 in PowerShell Direct Without CredSSP Or “Second-Hop” Issues

#When connecting to a virtual machine using PowerShell Remoting, enabling CredSSP (Credential Security Support Provider) is essential to avoid “Second-Hop” or “Multi-Hop” issues when managing Active Directory objects. CredSSP is particularly necessary when connecting to physical machines, as PowerShell Direct only functions when connecting directly from the host computer to a virtual machine.

#PowerShell Direct does not encounter the “Second-Hop” problem when managing Windows Server 2016 from a Windows 10 virtual machine running Hyper-V. Since I have enabled the Hyper-V role on my Windows 10 Professional system and my physical machine is not part of a domain, the Windows 10 virtual machine must be joined to the Active Directory domain that I intend to manage. This setup avoids additional configuration changes related to workgroup settings.


#The Longer Story…

#Create a new Organizational Unit in PowerShell Remote using just the computer name

#Without CredSSP enabled this command fails in PowerShell Remote which is initiated by using-ComputerName with Enter-PSSession

#Create a new Organizational Unit in PowerShell Direct using just the virtual machine name

#Just using OU=Test as an example to show how this command doesn’t fail in PowerShell Direct using -VMName like it did in the previous example using -ComputerName.

#Set â€“ProtectedFromAccidentalDeletion to $false on OU=Test so it can be deleted

#This needs to be done to allow the OU to be deleted.

#Delete OU=Test from -Server KERMIT.

#KERMIT is the NetBIOS computer name of my domain controller and not the domain NetBIOS name. They are different things.

 

Join Windows 10 Professional To An Active Directory Domain Using PowerShell Direct

#Join Windows 10 Professional To An Active Directory Domain Using PowerShell Direct

#These are the commands to rename a Windows 10 client computer to GONZO and add that computer to a domain called domain.winrollup.int


#The Longer Story…

#Your computer may not need to be renamed so skip that if needed. Also the Add-Computer command sends your newly added computers to the Computers container by default unless you specify an -OUPath when running Add-Computer.

#Rename computer before joining your domain if your computer name doesn’t comply with server standards. Restart required.

#Join a domain called domain.winrollup.int. Restart required.

#You need to change the -DomainName from domain.win1rollup.int to what you call your domain. Use -Restart at the end of the Add-Computer command to automatically restart.


#A Bit More

#Specify a preconfigured Organizational Unit path when joining domain

#My domain is simple and this is not needed for me at this time. I don’t have multiple Organizational Units yet and I don’t need any Group Policies affecting this PC since I’m working with my Windows 10 management PC. I’m able to specify the -OUPath shown below, once I complete the step below to create an OU called ServerAdmins. This command adds the computer to OU=ServerAdmins.

#You are not able to specify another container besides the default Computers container, but there is a way to change the default container if you don’t specify an OU. I definitely don’t want my computers added to the default OU which is OU=Domain Controllers, so I don’t use this command switch unless I have created a new OU first. It has been suggested to create the OU and computer object prior to joining the domain, but I don’t need to do that at this point.

#The command below is used to specify an Organizational Unit when joining a domain, if needed.

#Create a new Organizational Unit on the server (Needs to be run on Windows Server 2019 with the Active Directory role installed and configured)

#If you preconfigure an alternative Organizational Unit on Windows Server 2019 then you can add your computers directly to that OU by specifying a -OUPath when running Add-Computer.