Join Computers to Domain Automatically W95/W98/w2k/wxp

For WinXP or better, you have the JoinDomainOrWorkGroup and the Rename method in

the Win32_ComputerSystem class.

Rename Method in Class Win32_ComputerSystem
http://msdn.microsoft.com/library/en-us/wmisdk/wmi/rename_method_in_class_win32_computersystem.asp

JoinDomainOrWorkGroup Method in Class Win32_ComputerSystem
http://msdn.microsoft.com/library/en-us/wmisdk/wmi/joindomainorworkgroup_method_in_class_win32_computersystem.asp

Technet Script Center > Computer Management:

Join Computer to a Domain
http://www.microsoft.com/technet/scriptcenter/compmgmt/scrcm31.asp

Rename a Computer and Computer Account
http://www.microsoft.com/technet/scriptcenter/compmgmt/scrcm36.asp


For pre-WinXP OS (and WinXP as well):


The JoinDom freeware utility found at tip 5956 at
http://www.jsiinc.com/reghack.htm can be used.


Or you can use the command line utility netdom.exe from MS.

Latest version of netdom.exe can be downloaded from here:

Windows 2000 SP3 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/sp3/supporttools.asp

There came one updated version with SP2 as well, but I would be very surprised
if the SP3 netdom version do not work on pre SP3 computers.


More info can be found here:

http://groups.google.com/groups?selm=3D7CFEC8.556EDB2B%40hydro.com

Hope that helps.


James

My join computer to domain link is wrong.  Here it is...for XP:

http://www.microsoft.com/technet/community/scriptcenter/compmgmt/scrcm31.mspx

Darn it...my JSI link is wrong too.

http://www.jsiinc.com/subl/tip5900/rh5956.htm

That's for all OS's.  It could be a fallback.  Youcould create an account with privelages to simply join computers to a domain, distribute this utility and that account information out to your users with instructions as a fallback.

You main problem here is the legacy OS's...they are not designed to work with 2003

Also...just found this link on how to automate the creation of computer accounts.  Could be useful with Windows 2000 and Windows XP accounts.  Doesn't do anything for you on the 9x operating systems though.

I was thinking the same thing.  I did forget to mention DSCLIENT though.  They will need that in order to see the Active Directory structure correctly.

However, he wants to 9x clients to be logged into the domain, if I understand the question correctly.  I know they don't have computer accounts, but client for Microsoft Networks still need to be configured for the user to log into the domain, rather than the local workstation which is why I posted the other info.

That info was correct - thus, no need to mention it!

I wasn't contradicting you - just filling in the blanks and reaffirming your answers.

OH...geez...NETMAN!  I didn't even know it was you.

Ahhh...well, I misread your message.  :)  Sorry...I have the flu, a fever, and thus...I am out of it.  lol.  I originally got the impression you thought I was trying to tell him to create computer accounts in the domain for the 98 machines.

Should have known better if I had looked at the author's name.  I would have reread it three times before responding to the man who saved my butt twice.  :)

But like I said...I did forget to mention DSCLIENT.  So thanks for the backup!  :)

No problem James!

Hope you get better soon.

Sorry for the bother but here is the problem, I need to perform this remotely and automatically with no user intervention, if it is a possibility.

thanks

All the commands listed can be executed from a simple login script.  Just create a batch file and have the remote systems run it from a login script.  should be nothing to it.

For systems that are NT, 2000, XP, or 2003, you can also use a utiltity called psexec that you can download and read about below:

http://www.sysinternals.com/ntw2k/freeware/psexec.shtml

I do not believe it'll work for 9x based machines though.

How do I run a login script if they are not joined to a domain? I had the idea that you would have to be logged in order to run a script. Psexec needs you to know the password of the local machine in order to run a command. (right?)

thanks

Heh...you have a point.  LOL.  Can't believe I even suggested it.  Must be that fever of mine again.  :)

I guess then, your only alternative  is to make the batch file and put it into a location that the users can access it.  They can run it from a network share or you can email it to the users.  You're really limited in the capacity to use 98...as you pointed out, without a domain, they cannot run login scripts, and since they are 9x, they do not have machine accounts and therefore cannot run machine scripts or other utilities like psexec.exe.

If they were all NT, you'd be in the clear.  And yes, you'd need to know passwords to access the machines.  You have no alternative there.  NT security is designed to require a username and passwords to execute commands.  You have no choice in the matter and there is no way around this.  It is no different than joining a machine to the network the old fashioned way.  You'd have to log in to the local machine and join it, so you need to know the username and password.

If you're looking for a solution that does not require you to gain local access to the machine with a username and password, it does not exist.  If it did, that would contradict the idea of what NT security is all about.

James

Easy as pie!

Create this folder:  C:\Netlogon
Share it using the default name of Netlogon
Put your script in there - call it logon.cmd.
On the user's account properties add logon.cmd to the script field.

Done.

Script field is on the Profile tab on the user account.

For the 9x machines - you won't be joining the domain, but instead configuring the Microsoft Client for domain login.

I don't have any 9x boxes to look at, but if you download InCtrl from here: http://www.pcmag.com/article2/0,4149,9882,00.asp

You can monitor what registry keys are modified when you change the client for domain login and create a reg file to run to do it for you.

Question netman66,

when I create the netlogon folder and put the script in there, and in ad i chose logon.cmd in the script field. How are computers not joined to the domain use that script. Remember ther has to be no user intervention?.

Could you further explain what goes on in your solution because it seems very logical, however i think that if machines aren't hoined to the domain why would they go an look for the netlogon folder, or is that a default for workgroup machines?.

Also, could you provide a sample of the script, is it using netdom?

thanks

Sebastian

By default NT, 2000 and XP look for a Netlogon share for the script.  I was referring to adding the script to the local user account - but given further consideration, if you have to visit the workstation you might as well join it manually.

Yes, the script uses Netdom.exe, but like I said above if you have to go to the PC to get my first solution running you might as well join the domain while you're there instead.

Since joining the workstation requires you to be logged in as local Admin and you'll be asked for the Domain Admin account to finish there is no easy way to do this remotely.

If each location has a local "admin" then you can make a temporary user account for the domain while they join workstations for you - other than this, it's road trip heaven for you.

If you still want to toy with the script idea let me know.