We use Foreman and Puppet to manage our Unix systems here, but the Kerberos infrastructure is implemented over Active Directory (because Exchange).
Registering the newly bootsrapped hosts with AD is a manual process and we'd very much like to automate it.
It would seem, Foreman has (or had?) support for joining AD-realm for a while, but I can not find any actual examples or tutorials.
Foreman has good support for joining realms - however the only provider supported so far is FreeIPA. It allows to manually register bootstrapped hosts in the realm as per your requirement. You may give it a shot with Active Directory and report failures at http://projects.theforeman.org/issues/ as feature requests though.
Please check out the documentation for more info: https://www.theforeman.org/manuals/1.12/#4.3.8Realm
I believe that Puppet has the ability to execute powershell commands using the Powershell EXEC provider. You could create an account that is only delegated to join the PC to the domain and use:
# Create Credentials
$Script_Domain_Join_Credential = New-Object System.Management.Automation.PSCredential($Script_Domain_Join_Username,$Script_Domain_Join_Password)
# Add the COmputer to Domain!
Add-Computer -Domain my.domain.com -Credential $Script_Domain_Join_Credential -Force
That will join the computer to the domain.
EDIT: https://docs.puppet.com/puppet/4.5/reference/resources_exec_windows.html
exec { 'test':
command => 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy remotesigned -file C:\test.ps1',
}
