SID-500

Home » PowerShell » Active Directory: How to join a Computer to the Domain using GUI or PowerShell (Step-by-Step)

Active Directory: How to join a Computer to the Domain using GUI or PowerShell (Step-by-Step)

This blog post describes how to join a computer to the domain by using the graphical user interface or running a simple One-Liner in Powershell.

Testing the Environment

Run PowerShell with administrative privileges. First, check IP-Address, Default Gateway and DNS Server Settings. The DNS Server must point to one of your Domain Controller. To verify name resolution run Test-Connection with your Domain Name.

Test-Connection pagr.inet -Quiet

Unbenannt.PNG

True. That looks good. Now we can move on. But wait a minute: If you get a False, then you have to troubleshoot that issue. There is no way out, unless you configure your DNS settings and your network connectivity properly. To do so, check your DNS Server Settings and your connectivity to one of your Domain Controller.

Join the Computer to the Domain

Graphical User Interface

Press Windows Key + Pause (Break).

Next click Change Settings.

Unbenannt.PNG

Select Change. Then provide your domain name. Important information: It´s not a good idea to change the computername and join the computer to the domain at the same time.

Unbenannt.PNG

Unbenannt.PNG

Click OK. Next enter your domain credentials. (User must have permissions to join the domain).

Unbenannt.PNG

Unbenannt.PNG

Unbenannt.PNG

Restart the Computer and log on to the domain by using the format: domain\user. (for example: pagr\petra).

Add-Computer

You can also run Add-Computer to join your computer to the domain. Provide the username and password of a member of the Domain Admins Group.

Add-Computer -DomainName pagr.inet -DomainCredential pagr\administrator

Unbenannt.PNG

Next restart your computer and log in to the domain.

Restart-Computer

Optional: Once logged in, check the secure channel to one of your Domain Controllers by using Test-ComputerSecureChannel.

Test-ComputerSecureChannel -Verbose

Unbenannt.PNG

What have we learned from that? The return value True is a positive sign 😉

Further thoughts

Note: By default, every Domain User is allowed to join up to 10 computers to the domain. For changing this standard setting see my article Securing Active Directory: Who can add computers to the domain? Only the domain admin. Are you sure?


1 Comment

  1. […] How to add computers to the domain see my article Active Directory: How to join a Computer to the Domain using GUI or PowerShell (Step-by-Step) […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

WHOIS

My name is Patrick Grünauer (pewa2303). I am from Austria. On sid-500 I write about Windows, Cisco and IT-Security in English and German. Have fun while reading!

Patrick Gruenauer
Follow SID-500 on WordPress.com