Joining a Computer to the Domain using a Script

by TheRealEdwin on 13/03/10 at 5:22 pm

Hello there! If you are new here, you might want to subscribe to the RSS feed for updates on this topic.

Here’s a quick tip for you Active Directory admins out there.

You should already know how to join a domain via the GUI, but what about via the command line? To do this we will be using netdom. Go ahead and open your command prompt, type netdom /? and take a look at the options presented to you.

netdom join ComputerName /Domain:DomainName [/ou: "DN of OU"] [/UserO:LocalUsername] [/PasswordO:*] [/UserD:DomainUsername] [/PasswordD:*] [/SecurePasswordPrompt] [/REBoot[:TimeInSeconds]]

This is a nice thing to have because you can script it. Also you other things that the GUI way can’t, like automatically putting that computer in an OU that isn’t the default. Having this as a script can allow you to join the computer to the domain remotely too. The neat thing about this is that you can also require the script user to supply a username and password. This way, in case the script gets into the hands if someone who isn’t suppose to have it, they probably wouldn’t even have permissions to create a computer object in AD. If you want to put the username and password into the script, change out the * with the actual password. Note that the UserD and PasswordD is for a domain account that has permission to create computer objects.

If it works, it should reboot afterwords. If you leave the TimeInSeconds part out, the computer will reboot in 30 seconds as a default. As always, make sure you prestage the computer object creation as that will help things out. But if you can’t, this is a great way to keep things organized by creating the new computer object in the OU that you want.

For more information and lots of helpful tips, the MSPress book 70-640 is a wonderful investment. Buying through this link also supports me and the site. Thank you for reading and helping!