What I have working is a Powershell script that takes a JSON file to create a new VM; the JSON file contains instructions for the VM to join a domain and run a custom script. Both things do happen, but the script runs as the user workgroup\system and therefore doesn't have access to a network drive.

• Does listing the extensions in this order guarantee that the script runs after the domain join is complete (or is it haphazard)?

Is there something I can do to ensure that the script does not run until the domain join is complete? How can I best detect (locally from the new VM) that the domain join is complete? How would you delay the running of the script until a better time (something like a once-off cron job)?

Update: Split question in two, other half is here.

Also, immense thanks to Dewi Jones for more than an hour of interactive support. I'm indebted by being able to give only a single check mark in return.

Get the domain and if the domain is equal to the one you are joining then continue.

$domain = gc env:UserDNSDomain

While ($domain -neq "FQDN")
{
Start-Sleep -seconds 2
}

Otherwise you can call a script using credentials as follows

$username = 'user'
$password = 'password'
$PSArgs = 'Script file name'
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username, $securePassword
Start-Process Powershell.exe -Credential $credential $PSArgs