
Join a server core to a domain

Objective: join a server core to a Windows domain.

Requirements: You need to know the username and password of an account that has permission to join a computer to the domain in question.

Type NETDOM JOIN machine /Domain:DomainName /userd:username /Passwordd:*

Machine is the name of the computer to be joined to the domain.
DomainName is the name of the domain that is being joined.
UserD is the username of an account with the Add Workstation to Domain user right.
PasswordD:* tells the computer that you will manually enter the password for this user and to prompt you for it.

Optionally, you can specify which OU to place this computer object in. This is preferable if Active Directory is set to place all new computer objects in the Computers container. Since we cannot apply Group Policy to the Computers container, leaving computer objects there represents a hole in your security. To specify the OU, add this switch after the domain name: /OU:ou path.

A common error when executing this command is mistyping the /USERD and /PASSWORDD switches by leaving the “D” off the end of the switch.

Exercise 1: Verify connectivity and name resolution to the domain controller.
A common problem at this stage is that the computer that you want to join to the domain cannot communicate with the server. Task 1 will help you set a static IP address to the client if necessary. Task 2 will add a DNS server to your IP settings.

Task 1: Get the name of the interface you want to set an IP address for.
· Type netsh interface ipv4 show interfaces
· Press Enter
· Record the name of the interface you want to set a static IP address for. Sample output is below.
Idx  Met   MTU   State        Name
---  ---  -----  -----------  -------------------
  3    5   1500  Connected    Local Area Connection

· Local Area Connection is the name we are interested in.
· To simplify the typing, you can also use the Idx value of 3.
· Type netsh interface ipv4 set address name=3 source=static address=10.10.1.10 mask=255.255.0.0
· Optionally, you can add a gateway address by appending gateway=address to the end of the command.
· In the Name parameter, we used the Idx value. We could have also typed “Local Area Connection”.
· Type IPConfig /all and verify that all data is correct.

At this point, you should be able to ping the server by IP address, but not by name.

Task 2: Add a DNS server to the IP settings on the client.
· Type Netsh interface ipv4 add dns 3 10.10.1.1
· Press Enter

The “3” represents the index number of our NIC from Task 1. You can also put the full name of the adapter here. The address 10.10.1.1 is the IP address of the DNS server. At this point, you should be able to PING the server by name.



Exercise 2: Add the computer to the domain.
· Type NETDOM Join Geyser-Core /Domain:DomainName /userd:UserName /passwordd:*
· When prompted, type in the password.
· You can verify this by checking Active Directory or by typing GPResult /r on the server core and verifying the data.
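
The name-resolution check from Exercise 1, the join with the /OU switch, and a post-join check that the computer object did not land in the default Computers container, as an added PowerShell example that is not part of the original post. The domain, OU path, account name, function names and the -VerifyOnly switch are placeholders, and it assumes PowerShell with the Resolve-DnsName cmdlet is available on the Server Core installation.

```powershell
param([switch]$VerifyOnly)   # run without the switch to join, then with it after the restart

# Placeholder values (assumptions, not from the article).
$Domain   = 'corp.example.com'
$TargetOU = 'OU=Servers,DC=corp,DC=example,DC=com'
$JoinUser = 'joinacct'

function Test-DomainDns {
    # Exercise 1 check: the domain controller locator SRV record must resolve
    # through the DNS server added in Task 2, or the join cannot find a DC.
    param([string]$DomainName)
    try {
        $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV -ErrorAction Stop
        return [bool]($srv | Where-Object { $_.Type -eq 'SRV' })
    } catch { return $false }
}

function Test-ComputerPlacement {
    # True when the object's parent is NOT the default Computers container.
    param([string]$DistinguishedName)
    $parent = ($DistinguishedName -split '(?<!\\),', 2)[1]   # split on first unescaped comma
    return ($parent -notmatch '^CN=Computers,')
}

if (-not $VerifyOnly) {
    if (-not (Test-DomainDns $Domain)) { throw "Cannot resolve domain controllers for $Domain" }
    # Same NETDOM command as Exercise 2, with /OU added. Note the trailing "D"
    # on /UserD and /PasswordD; the * makes NETDOM prompt for the password.
    netdom join $env:COMPUTERNAME "/Domain:$Domain" "/OU:$TargetOU" "/UserD:$JoinUser" '/PasswordD:*'
    if ($LASTEXITCODE -ne 0) { throw "NETDOM JOIN failed with exit code $LASTEXITCODE" }
    'Joined. Restart the server, log on with a domain account, then run again with -VerifyOnly.'
    return
}

# After the restart: look up this computer's object in AD and check where it was created.
$hit = ([adsisearcher]"(&(objectCategory=computer)(name=$env:COMPUTERNAME))").FindOne()
if (-not $hit) { throw "No computer object found for $env:COMPUTERNAME" }
$dn = [string]$hit.Properties['distinguishedname'][0]
if (Test-ComputerPlacement $dn) {
    "OK: $dn"
} else {
    Write-Warning "Object is in the default Computers container: $dn"
}
```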
