It’s hard to imagine an IT service provider who doesn’t already offer computer setup services. But sometimes there are reasons why you may want to add a computer(s) or device(s) to your current domain, which can be tricky if not done correctly. Here we will cover the basics of how to do this and some considerations you should take into account when adding devices.,
The “how to add a computer to a domain windows 10” is an article that will teach you how to add a computer to your domain. This process can be done in many different ways, but this guide will help you through the steps.
Active Directory (AD) is a decades-old technology that is used by thousands of businesses on a daily basis. You must link computers to an AD domain in order to use AD. You could not understand there are several options, some of which are superior to others. Continue reading to find out how.
Do you have any passwords in your Active Directory that have been compromised? Use Specops Password Auditor Free to find out.
The netdom software and PowerShell are used in this tutorial to add a machine to a domain using the Windows GUI and command-line.
Prerequisites
If you want to follow along with the whole lesson, make sure you have the following items:
- A domain in Active Directory. This course will be hosted on the domain homelab.local.
- A workgroup PC running Windows 10 Pro, Enterprise, or Education that can connect to an AD domain controller. A domain cannot be connected to all versions of Windows 10. The PC used in this lesson is named Win10Demo.
- An Active Directory user account having domain join rights. More information on determining which permissions are required may be found here.
- On a domain controller, access to Active Directory Users and Computers (ADUC) (to confirm the domain join).
- To utilize the command-line, you’ll need the Remote Server Administration Tools (RSAT) package.
Using the GUI to add a computer to a domain
The GUI is one of the most typical methods to add a machine to an AD domain. This method is useful when you just need to add one or a few machines at a time. This strategy is ineffective for adding numerous computers simultaneously. That will happen later.
Assuming you’re on a Windows 10 workgroup computer with access to a domain controller, perform the following:
1. Run the sysdm.cpl command. This command will bring up the System Properties applet in the control panel.
Dialog box for System Properties
2. Click the Change button on the System Properties screen. The Computer Name/Domain Changes dialog box will appear when you click this button.
Change option in Dialog box for System Properties
3. As you can see in the screenshot below, this machine is part of the WORKGROUP workgroup. To add this machine to a domain, choose the Domain radio option in the Computer Name/Domain Changes dialog box.
Change Computer/Dialog window for Domain Name
4. In the Domain box, provide the name of the domain to which the machine should be added, and then click OK. After that, the machine will try to contact a domain controller and join the domain.
Change Computer/Dialog window for Domain Name
The Trust Relationship Between This Workstation and the Primary Domain Has Broken Down
If your computer cannot quickly reach the domain name you supplied, it will display the following error: If the machine can’t connect to a domain controller, make sure the DNS server on the PC points to one. To locate a domain controller, the computer must be able to locate the DNS SRV record.
5. If the computer can communicate with a domain controller, it will ask for a username and password, as illustrated below. Click OK after entering a user account with rights to add this machine to the domain.
Dialog window for Domain Join Credentials
6. If everything goes smoothly, you should see a message like the one below welcome you to the domain. The computer produces an AD computer object at this point. Click OK.
Get-ADComputer in PowerShell: Find Computers in OUs
Domain Notification was successfully added.
7. Click OK once again to confirm that the machine has to be restarted.
Start your computer again. Notification
8. You’ll then be redirected back to the Dialog box for System Properties, but now you will see a warning (Changes will take effect after you restart this computer.) Click on Close.
Dialog box for System Properties post joining to domain
9. When you click Close, Windows will ask you to restart right away. To restart the computer right now, click Restart now.
Restart the computer locally
Using the Settings app to add a local computer to a domain
The steps outlined below are only applicable to Windows 10 20H2. These instructions may change in future versions of Windows 10.
1. Select Settings from the Start Menu by right-clicking on it.
Start menu settings option
2. Select Accounts from the Settings menu.
In the Settings app, go to Accounts.
3. On the next screen, choose “Access Work or School” and then “Connect” on the right.
In settings, you may choose to access work or school.
4. To link this computer to the local Active Directory domain, choose “Join this device to local Active Directory Domain” from the Microsoft account dialog box and click Next.
Option to join this device to a local Active Directory domain
5. Enter your domain name and click Following on the next screen.
Dialog window for Domain Name
6. If the computer can communicate with a domain controller, it will ask for a username and password, as shown below. Click OK after entering a user account with rights to add this machine to the domain.
Dialog box for credentials
7. Choose the account type that will utilize this computer on the following screen.
- If you choose administrator, the userid you used to join the domain will be assigned to the machine’s local administrators group.
- If you choose normal user, the userid will not be added to the local administrators group. You may also go through to the next page if you like. Let’s choose normal user for this demonstration and then click Next.
Account selection prompt
8. To restart the computer instantly, click Restart now.
Prompt to restart
9. After restarting the system, use a domain user id to log in.
Using Netdom to add a local computer to a domain
You’ve seen how to add a Windows 10 PC to the domain using the GUI so far, but you don’t have to. Instead, you may use the netdom utility from the command line. The RSAT package includes a command-line utility called Netdom.
Assuming you’re on a Windows 10 workgroup computer with access to a domain controller, perform the following:
1. Run cmd.exe with administrative privileges.
2. Enter the following settings into netdom join.
Following the join option, Netdom expects a machine name. Replace the value with the variable percent computername percent to always reflect the local computer if you’re running this command on other machines.
/domain: netdom.exe join percent computername percent /PasswordD:Password /DomainName /UserD:DomainNameUserName
output of netdom command
3. Restart the computer, and it will automatically join the domain.
Using PowerShell to add a local computer to a domain
You can use PowerShell to add a computer to a domain if you have a large number of machines to add, have an onboarding automation process, or prefer the command line.
Assuming you’re on a Windows 10 workgroup computer with access to a domain controller, perform the following:
1. Make sure Windows PowerShell is running as administrator.
How to Use PowerShell as an Administrator
In the PowerShell console, run the Add-Computer cmdlet. This cmdlet performs the same action as Using the GUI to add a computer to a domain. Specify the domain name to add the computer to with the DomainName parameter and optionally specify the Restart parameter to restart the computer when complete automatically.
You may also use the Credential argument to quickly enter the login and password. For further details, see this article. If you want to automatically assign a machine to a different OU when it’s created, use the OUPath argument. Run Get-Help Add-Computer -Full for additional possibilities.
-DomainName DomainName -Restart Add-Computer
Credentials prompt for Add-Computer cmdlet
Using WMI, add a local computer to a domain
Let’s continue with a lesser-known approach of utilizing Windows Management Instrumentation to guarantee this article covers all possible methods to join a machine to a domain (WMI). WMI is a Windows component that stores a lot of information about a computer and may conduct actions on it.
You must use a WMI technique to add a local computer to a domain using WMI. This approach does the same operation as netdom or the PowerShell function Add-Computer.
WMI methods may be called in a variety of ways. Let’s concentrate on two methods utilizing the *wmic* command-line program and PowerShell in this article.
Working with WMIC
To add a machine to a domain using WMIC, follow these steps:
1. Run a command prompt as administrator (cmd.exe).
2. Execute the command listed below. The following command:
- Uses a where query to specify the local computer (where name=”percent computername percent “)
- Invoke the Win32 ComputerSystem WMI class’s joindomainorworkgroup WMI function (call joindomainorworkgroup) (computersystem)
- To join the domain, specifies the proper bitwise operators (fjoin options 3)
- Authenticates using the labadmin user account (username=”homelablabadmin Password=”secret”) to add the machine to the homelab.local domain (homelab.local).
where name=”percent computername percent ” in wmic computersystem fjoinoptions=3 joindomainorworkgroup name=”homelab.local” username=”homelablabadmin” Password=”secret”
Command output from WMIC
3. Restart the computer after everything is done.
Using the Get-WmiObject cmdlet in PowerShell
PowerShell may also be used to call the JoinDomainOrWorkgroup WMI procedure. To do so:
1. Run PowerShell as a superuser.
2. Execute the command below. This command uses the same parameters as wmic to execute the same purpose.
(Win32 ComputerSystem) Get-WMIObject -NameSpace “RootCimv2” -Class “Win32 ComputerSystem”) JoinDomainOrWorkgroup(“homelab.local”,”secret”,”homelablabadmin”,$null,3)
The Get-WMIObject command returns
3. Restart the computer after everything is done.
Adding Computers to a Domain from afar
You’ve learnt how to add a machine to a domain while sitting in front of that computer throughout this course. But what if you can’t sit in front of that computer or if you have a large number of PCs to add? PowerShell is your best buddy in this instance.
You may either use the WMI approach in PowerShell as described before, but using the ComputerName option on the Get-WmiObject cmdlet, or PSRemoting to add machines to a domain remotely.
The Ultimate Guide to PowerShell Remoting
Invoke the Add-Computer PowerShell cmdlet to add remote machines to a domain. Use the ComputerName argument this time.
PSRemoting must be enabled on all remote machines before you can use the Add-Computer cmdlet remotely.
1. Run PowerShell as administrator on your own workstation (not the PC you’re adding to the domain).
2. Execute the command listed below. The following command:
- Adds the remote machine win10demo to the homelab.local domain (-ComputerName win10demo) (-DomainName homelab.local).
- To authenticate to the distant machine, it uses the local user01 on win10demo (-LocalCredential win10demouser01)
- To add the computer account, it authenticates to the domain using the labadmin domain account (-Credential homelablabadmin).
- After it finishes, the computer will automatically restart (-Restart)
Add-Computer -ComputerName win10demo -LocalCredential win10demouser01 -DomainName homelab.local -LocalCredential win10demouser01 -DomainName home -Restart -Credential homelablabadmin
The Add-Computer cmdlet will request you for passwords for the user01 and labadmin accounts after being run. When PowerShell is finished, it will immediately restart the remote machine.
If a user is logged in, the Add-Machine cmdlet will not restart the remote computer by default. Set the Force switch option to always restart the remote computer to override this.
Confirming the AD Computer Account’s Creation
When a computer is added to a domain, a computer object is created. Open Active Directory Users and Computers (ADUC) to test that the computer produced the computer object as intended.
1. Log in to your domain controller and open Active Directory Users and Computers (ADUC), or if you have the Remote Server Administration Tools (RSAT) package installed, open ADUC on your local computer.
Installing and Importing the Active Directory Module
2. In ADUC, expand the domain name node (in this example, homelab.local) and choose the Computers container. The computer object that was introduced in the previous step should now be visible.
All machines added to a domain are automatically placed in the Computers container.
Snapin for Active Directory Users and Computers
3. Return to the Windows 10 PC and log in with any AD user account using the Other User option on the login page.
After you’ve joined a domain, you may log in as another user.
As illustrated below, you can now see your domain name in the Password box.
When logging in, use your domain name.
Do you have any passwords in your Active Directory that have been compromised? Use Specops Password Auditor Free to find out.
Conclusion
You’ve seen many methods for adding computers to an AD domain in this post. Each technique has benefits and drawbacks, but you should now be aware of all of your possibilities.
How would you add your next computer to a domain now that you know how to add a computer to a domain?
If you want to add a computer to your domain, there are many different ways. This tutorial will show you how to do it with Windows 7. Reference: add computer to domain windows 7.
Related Tags
- how to add a computer to a domain from active directory
- adding a computer to a domain windows server 2012
- adding a computer to a domain windows server 2016
- add-computer to domain cmd
- add-computer to domain powershell