Solved

Join Computers to Domain Automatically W95/W98/w2k/wxp

Posted on 2004-04-07
23
325 Views
Last Modified: 2007-12-19
This is a real challenge!!!!

I have over 20,000 machines in a workgroup, they are w95, w98, w2k and wXP. I need to join them to the domain automatically.
They can all see a central server.

I am thinking that it has to go around this area. I run a batch process to run a remote command on the machines to join a domain.

Has anyone done this before? Is there an application o a script out there?

Thank you very much

Chebastian
0
Comment
Question by:chebastian
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 7
  • 3
23 Comments
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10779682
For WinXP or better, you have the JoinDomainOrWorkGroup and the Rename method in

the Win32_ComputerSystem class.

Rename Method in Class Win32_ComputerSystem
http://msdn.microsoft.com/library/en-us/wmisdk/wmi/rename_method_in_class_win32_computersystem.asp

JoinDomainOrWorkGroup Method in Class Win32_ComputerSystem
http://msdn.microsoft.com/library/en-us/wmisdk/wmi/joindomainorworkgroup_method_in_class_win32_computersystem.asp

Technet Script Center > Computer Management:

Join Computer to a Domain
http://www.microsoft.com/technet/scriptcenter/compmgmt/scrcm31.asp

Rename a Computer and Computer Account
http://www.microsoft.com/technet/scriptcenter/compmgmt/scrcm36.asp


For pre-WinXP OS (and WinXP as well):


The JoinDom freeware utility found at tip 5956 at
http://www.jsiinc.com/reghack.htm can be used.


Or you can use the command line utility netdom.exe from MS.

Latest version of netdom.exe can be downloaded from here:

Windows 2000 SP3 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/sp3/supporttools.asp

There came one updated version with SP2 as well, but I would be very surprised
if the SP3 netdom version do not work on pre SP3 computers.


More info can be found here:

http://groups.google.com/groups?selm=3D7CFEC8.556EDB2B%40hydro.com

Hope that helps.


James
0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10779690
My join computer to domain link is wrong.  Here it is...for XP:

http://www.microsoft.com/technet/community/scriptcenter/compmgmt/scrcm31.mspx

0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10779706
Darn it...my JSI link is wrong too.

http://www.jsiinc.com/subl/tip5900/rh5956.htm

That's for all OS's.  It could be a fallback.  Youcould create an account with privelages to simply join computers to a domain, distribute this utility and that account information out to your users with instructions as a fallback.

You main problem here is the legacy OS's...they are not designed to work with 2003
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 9

Expert Comment

by:jamesreddy
ID: 10780114
Also...just found this link on how to automate the creation of computer accounts.  Could be useful with Windows 2000 and Windows XP accounts.  Doesn't do anything for you on the 9x operating systems though.
0
 
LVL 9

Accepted Solution

by:
jamesreddy earned 250 total points
ID: 10780143
And lastly...netdom.exe utility:

Can be downloaded from http://www.microsoft.com/windows2000/downloads/servicepacks/sp3/supporttools.asp

Netdom.exe

How To Join a Domain From the Command Line
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q150493

How to Use Netdom 2.0 to Create a Windows Computer Account on a Selected Domain
Controller
http://support.microsoft.com/support/kb/articles/Q266/6/51.ASP

Automating the Creation of Computer Accounts
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q222525


That's all I could find for you man.  Good luck.

James
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 250 total points
ID: 10795358
Hey James..

For him, I think Netdom is the best solution.  As far as the 9x clients are concerned, they don't have domain accounts.  It would be helpful to install the Directory Services client on NT4 and lower workstations.

0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10795410
I was thinking the same thing.  I did forget to mention DSCLIENT though.  They will need that in order to see the Active Directory structure correctly.

However, he wants to 9x clients to be logged into the domain, if I understand the question correctly.  I know they don't have computer accounts, but client for Microsoft Networks still need to be configured for the user to log into the domain, rather than the local workstation which is why I posted the other info.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 10795443
That info was correct - thus, no need to mention it!

I wasn't contradicting you - just filling in the blanks and reaffirming your answers.

0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10795462
OH...geez...NETMAN!  I didn't even know it was you.

Ahhh...well, I misread your message.  :)  Sorry...I have the flu, a fever, and thus...I am out of it.  lol.  I originally got the impression you thought I was trying to tell him to create computer accounts in the domain for the 98 machines.

Should have known better if I had looked at the author's name.  I would have reread it three times before responding to the man who saved my butt twice.  :)
0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10795464
But like I said...I did forget to mention DSCLIENT.  So thanks for the backup!  :)
0
 
LVL 51

Expert Comment

by:Netman66
ID: 10795495
No problem James!

Hope you get better soon.

0
 

Author Comment

by:chebastian
ID: 10801811
Sorry for the bother but here is the problem, I need to perform this remotely and automatically with no user intervention, if it is a possibility.

thanks
0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10802739
All the commands listed can be executed from a simple login script.  Just create a batch file and have the remote systems run it from a login script.  should be nothing to it.
0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10802758
For systems that are NT, 2000, XP, or 2003, you can also use a utiltity called psexec that you can download and read about below:

http://www.sysinternals.com/ntw2k/freeware/psexec.shtml

I do not believe it'll work for 9x based machines though.
0
 

Author Comment

by:chebastian
ID: 10802996
How do I run a login script if they are not joined to a domain? I had the idea that you would have to be logged in order to run a script. Psexec needs you to know the password of the local machine in order to run a command. (right?)

thanks
0
 
LVL 9

Expert Comment

by:jamesreddy
ID: 10803266
Heh...you have a point.  LOL.  Can't believe I even suggested it.  Must be that fever of mine again.  :)

I guess then, your only alternative  is to make the batch file and put it into a location that the users can access it.  They can run it from a network share or you can email it to the users.  You're really limited in the capacity to use 98...as you pointed out, without a domain, they cannot run login scripts, and since they are 9x, they do not have machine accounts and therefore cannot run machine scripts or other utilities like psexec.exe.

If they were all NT, you'd be in the clear.  And yes, you'd need to know passwords to access the machines.  You have no alternative there.  NT security is designed to require a username and passwords to execute commands.  You have no choice in the matter and there is no way around this.  It is no different than joining a machine to the network the old fashioned way.  You'd have to log in to the local machine and join it, so you need to know the username and password.

If you're looking for a solution that does not require you to gain local access to the machine with a username and password, it does not exist.  If it did, that would contradict the idea of what NT security is all about.

James
0
 
LVL 51

Expert Comment

by:Netman66
ID: 10833244
Easy as pie!

Create this folder:  C:\Netlogon
Share it using the default name of Netlogon
Put your script in there - call it logon.cmd.
On the user's account properties add logon.cmd to the script field.

Done.

0
 
LVL 51

Expert Comment

by:Netman66
ID: 10833252
Script field is on the Profile tab on the user account.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 10833284
For the 9x machines - you won't be joining the domain, but instead configuring the Microsoft Client for domain login.

I don't have any 9x boxes to look at, but if you download InCtrl from here: http://www.pcmag.com/article2/0,4149,9882,00.asp

You can monitor what registry keys are modified when you change the client for domain login and create a reg file to run to do it for you.

0
 

Author Comment

by:chebastian
ID: 10833385
Question netman66,

when I create the netlogon folder and put the script in there, and in ad i chose logon.cmd in the script field. How are computers not joined to the domain use that script. Remember ther has to be no user intervention?.

Could you further explain what goes on in your solution because it seems very logical, however i think that if machines aren't hoined to the domain why would they go an look for the netlogon folder, or is that a default for workgroup machines?.

Also, could you provide a sample of the script, is it using netdom?

thanks

Sebastian
0
 
LVL 51

Expert Comment

by:Netman66
ID: 10836961
By default NT, 2000 and XP look for a Netlogon share for the script.  I was referring to adding the script to the local user account - but given further consideration, if you have to visit the workstation you might as well join it manually.

Yes, the script uses Netdom.exe, but like I said above if you have to go to the PC to get my first solution running you might as well join the domain while you're there instead.

Since joining the workstation requires you to be logged in as local Admin and you'll be asked for the Domain Admin account to finish there is no easy way to do this remotely.

If each location has a local "admin" then you can make a temporary user account for the domain while they join workstations for you - other than this, it's road trip heaven for you.

If you still want to toy with the script idea let me know.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Domain Share problems 5 64
RDP up only between 8am-13.00 pm ? 11 83
Auto-Enrollment Group Policy 2 60
need help with active directory 4 65
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question