[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2616
  • Last Modified:

Netdom join to a sub ou

I am trying to add a xp computer (allot more than one) to a 2003 network using netdom

netdom join %computername% /domain:test /userd:%domainu% /passwordd:%domainp%

This works fine (note the % are set at the start of the file)

However i would also like to add it to a ou so i add the ou switch

netdom join %computername% /domain:test /userd:%domainu% /passwordd:%domainp% /OU:"OU=desktops,OU=computers,OU=06,DC=test.local"

or

netdom join %computername% /domain:test /OU:"OU=desktops,OU=computers,OU=06,DC=test.local" /userd:%domainu% /passwordd:%domainp%
This does not work however i put it

I just get the error

failed

more data is available

Help please
0
netefex
Asked:
netefex
  • 18
  • 16
  • 3
1 Solution
 
arnoldCommented:
YOu have too many OU references.
"OU=desktops,OU=computers,OU=06,DC=test.local"
might have to be "OU=desktops,OU=computers,OU=06,DC=test,DC=local"

run dsquery computer to see the string for a system
you can then use that minus the CN=computername, in your netdom.

Do you actually have a system within OU=desktops which is within OU=Computers which is within OU=06?
0
 
Netman66Commented:
The Computers container is NOT an OU.  I suspect this can't work because the tool is referencing an OU inside a built-in container.

As well, your DC= entry is incorrect (DC=test.local should be DC=test,DC=local).

Try creating a Desktops OU off the root of the domain (outside the Computers container) and a sub-OU of 06 inside that one then try running it again.

netdom join %computername% /domain:test /OU:"OU=desktops,OU=06,DC=test,DC=local" /userd:%domainu% /passwordd:%domainp%
0
 
netefexAuthor Commented:
I have now tried this and just got the error

Failed
More Data is available

(sorry for the delay in getting back to you)
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
netefexAuthor Commented:
Don't know if this helps but this is the ou I would like to get it in do (see pic)

 Ou Path
0
 
arnoldCommented:
Why not join the domain and then use the ADUC to move the computer from the computers OU into the one where you want it to be.

You did not include what you ran so it hard to say what might be the cause.

ou=desktops;OU=computers;ou=06;dc=test;dc=local

i.e. from Netman's http:#a35258589
netdom join %computername% /domain:test /OU:"OU=desktops,OU=Computers; OU=06,DC=test,DC=local" /userd:%domainu% /passwordd:%domainp%
0
 
Netman66Commented:
You missed the Computers OU in the commandline.

arnold has provided the correct line item.

netdom join %computername% /domain:test /OU:"OU=desktops,OU=Computers,OU=06,DC=test,DC=local" /userd:%domainu% /passwordd:%domainp%
0
 
netefexAuthor Commented:
I have ran (just now)

netdom join %computername% /domain:test /OU:"OU=desktops,OU=Computers,OU=06,DC=test,DC=local" /userd:%domainu% /passwordd:%domainp%

More data is available.

The command failed to complete successfully.


I am open to other ways of doing this, just would like to do it all in the batch file form the pc so we do not have to keep logging on to AD to move the computer before we can set it up for the user
0
 
Netman66Commented:
Try it without using variables.

netdom join %computername% /domain:test /OU:"OU=desktops,OU=06,DC=test,DC=local" /userd:domain/username /passwordd:*

Substitute test with your domain name, and domain/username with the account that has permissions to join the domain.

0
 
arnoldCommented:
Understandably you want to avoid providing identifying information, but we rely on you to make sure that the information you masquerade and the information you use to test is correct.

Can you please run:
dsquery computer | find "OU=06"

Do you have an entry "CN=somecomputername,OU=desktops,OU=06,DC=test,DC=local"
alternatively run: "dsquery OU" which will display the OUs you have
You need to copy the one of interest to you into
and use it in the netdom command.

Are these existing systems that you are migrating from one domain/ou to another or is it a new systems and you could use the image you deploy to autojoin the AD.

http://social.technet.microsoft.com/Forums/en-US/w7itproinstall/thread/c4485f7b-21fa-4535-9950-ae5ca4065b64

0
 
arnoldCommented:
Here is an alterntive, that you will use netdom that worked for you to join the computers into the domain.
but firs you prepare the AD with creating the computer accounts in the correct location using a CSV formated file and the script:
http://www.hofferle.com/scripting/create_computer_accounts_csv.html
This will create the computer accounts in the correct location (your OU) this way when you use netdom, the computer account existing in a specific OU will get the computer into that OU.
0
 
netefexAuthor Commented:
Here is what i just ran (same out come)

netdom join %computername% /domain:zgn /OU:"OU=desktops,OU=Computers,OU=06,DC=06s03dc01,DC=local" /userd:dowen /passwordd:password

also tryed

netdom join %computername% /domain:zgn /OU:"OU=desktops,OU=Computers,OU=06,DC=zgn,DC=local" /userd:dowen /passwordd:password


dsquery is not a useable command is that in a support pack or something?
0
 
netefexAuthor Commented:
this is my full bat file (so you can see what I am trying to do)

echo Change Computer Name
echo Set "domainusers" User As Local Admins
echo .
pause

cls


rem ***************************************************************************************
rem                         Join ZGN Domain
rem ***************************************************************************************

echo Enter a username with access to join this computer to the domain

SET /P domainu=

echo Enter password

SET /P domainp=

cls

echo Adding To ZGN Domain Please Wait......
rem netdom join %computername% /domain:zgn /userd:%domainu% /passwordd:%domainp%

netdom join %computername% /domain:zgn /OU:"OU=desktops,OU=Computers,OU=06,DC=06s03dc01,DC=local" /userd:dowen /passwordd:x968jlc3

rem ***************************************************************************************
rem                         Change Computer Name
rem ***************************************************************************************

echo Enter a computer name for this computer

SET /P domainc=

netdom renamecomputer %computername% /newname:%domainc% /UserD:%domainu% /PasswordD:%domainp% /force

rem ***************************************************************************************
echo .
echo Setting "domainusers" User As Local Admins
echo .
rem ***************************************************************************************

net localgroup administrators "domain users" /add

SET /P ANSWER=Reboot Now? (Y/N)?:

If /I %ANSWER%==Y goto shut
exit

:shut
echo Rebooting Please Wait....
shutdown -r -t 5
0
 
netefexAuthor Commented:
everything works except joining to that OU
0
 
arnoldCommented:
Your /domain does not match your OU
zgn DC=06s03dc0,dc=local

dsquery should exist on the server sorry for not making it clear that it should be run on the server.
0
 
netefexAuthor Commented:
06s03dc01 is the server name should that just be domain name? I wasn't sure so i did both

dsquery results

C:\Documents and Settings\06admin>dsquery computer | find "OU=06"
"CN=06S2KGOLDMINE01,OU=Servers,OU=06,DC=zebra,DC=lan"
"CN=06S2KDATA01,OU=Servers,OU=06,DC=zebra,DC=lan"
"CN=06W2KTSEMAILBAC,OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"
"CN=06S2KSECURID02,OU=Servers,OU=06,DC=zebra,DC=lan"
"CN=06S03VMTEST01,OU=Servers,OU=06,DC=zebra,DC=lan"
"CN=06S2KINTRANET01,OU=Servers,OU=06,DC=zebra,DC=lan"
"CN=06WXPADAY01,OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"
"CN=06S03BACKUP01,OU=Servers,OU=06,DC=zebra,DC=lan"
"CN=06S2KCISCO02,OU=Servers,OU=06,DC=zebra,DC=lan"
Dsquery has reached the default limit of 100 results to display; use the -limit
option to display more results.
0
 
arnoldCommented:
try this
netdom join %computername% /d:"zebra.lan" /OU:"OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan" /userd:zebra.lan\dowen /passwordd:password /usero:administrator /passwordo:<local_administrator_password>

0
 
netefexAuthor Commented:
F:\Zebra\v1.2.2>netdom join 06WXPDOWEN01 /d:"zebra.lan" /OU:"OU=Desktops,OU=Comp
uters,OU=06,DC=zebra,DC=lan" /userd:zebra.lan\dowen /passwordd:password /usero:l
ocal user /passwordo:password
The syntax of this command is:
NETDOM [ ADD | COMPUTERNAME | HELP | JOIN | MOVE | QUERY | REMOVE | RENAME |
         RENAMECOMPUTER | RESET | TRUST | VERIFY | RESETPWD ]

Try "NETDOM HELP" for more information.
0
 
arnoldCommented:
You are running this command on the computer that you want to join into the domain.

netdom join 06WXPDOWEN01 /d:zebra  /OU:"OU=Desktops,OU=Comp
uters,OU=06,DC=zebra,DC=lan" /userd:zebra.lan\dowen /passwordd:password /usero:"l
ocal user" /passwordo:password

What about prepopulating the AD with the computer accounts within the correct OU and then using the netdom that works without the /OU specification?
0
 
netefexAuthor Commented:
Unfortunately we cant the computer names (wish I could change this....) are don't to fit the user eg Joe Blogs

Computer name would be - 06WXPJBLOGS

So I is the same as joining the computer to the domain then going to ad and moving the computer into a OU

And yes I was running on a new computer I want on the domain in that OU
0
 
arnoldCommented:
Try this, create a new computer account in the AD in the OU of your choice.
Then use the netdom command that worked for you to join that computer into the AD and you will see that the computer is joined and is in the correct OU.
Do you know what the computer names are?

Here is another alternative which deals with redefining the default location for a computer
On a DC, redircmp "OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"

http://www.expta.com/2009/03/changing-default-users-and-computers.html
Now your working netdom without OU specification will add any new system into this container.
0
 
netefexAuthor Commented:
.... still a issue if I were to do that all new computer would do into there and that fixes my issue but we are a global company and other sites use different OU eg up north use 09
0
 
arnoldCommented:
presumably you will be adding the computers in one shot.


netdom join 06WXPDOWEN01 /d:zebra  /ou:'OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan' /userd:'zebra.lan\dowen' /passwordd:password

I think there is a small thing that is missing and is causing trouble.
but I can not see it.

What about using the prepopulation of the AD with the computer accounts?
0
 
netefexAuthor Commented:
Well as I said it wouldn't work due to not being able to know the computer names ahead of time

Is there any other cmd tool/exe I would use after it has joined the domain to then move it to the right ou?
0
 
arnoldCommented:
netdom move %computername% /d:zebra /ou:OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan' /userd:'zebra.lan\dowen' /passwordd:password
0
 
netefexAuthor Commented:
netdom move 06WXPDOWEN01 /d:zebra.lan /ou:OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan' /userd:dowen /passwordd:password
The account already exists.

The command failed to complete successfully.
0
 
netefexAuthor Commented:
I have checked the ou for that pc and it is not there (it is in the default folder as i just joined it to the domain
0
 
arnoldCommented:
ok,
lets try it this way using dsquery|dsmove mechanism
dsquery computer -name "pattern" | dsmove -newparent "OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"

In this example the patern can be 06wxpd*
Run dsquery computer "patern" to see what you get you could use find to exclude systems that are already in an OU. This is run on a server DC or a member server should have these  (resource kit/support tools/adminpak)

The problem is that you either have to have a list of  the computers you are adding and then moving, or have a naming pattern that isolates your system names from others.
dsquery computer | find /I "OU=Computers,DC=zebra,DC=lan"
this should output a list of computers in the default/builtin AD container "Computers"

dsquery computer -name "pattern" | find /V /i "OU="
Will only display systems that are in built-in containers (/V not in ) (/i case insensitive.)
0
 
netefexAuthor Commented:
Would you run dsquery|dsmove from the client computer?
0
 
arnoldCommented:
From a server. where dsquery/dsmod are available.
0
 
netefexAuthor Commented:
This again is not quite what I want to do, I guess I will have to live with moving the account in AD

Thanks for all your help
0
 
arnoldCommented:
The netdom join /OU:"option" should have worked.  Not clear why it did not.
It could be as simple as a type or wrong /switch.
0
 
netefexAuthor Commented:
Well you have what i have been using, I am at a loss

If you think of something let me know

Thanks for you help
0
 
arnoldCommented:
Could it be that the user dowen does not have rights to the OU?
Here is a try:
netdom join 06WXPDOWEN01 /d:zebra.lan /userd:dowen /passwordd:password /OU:"OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"

Alternativele using the netdom add to create the account first and then use netdom to join the workstation:

netdom add %computername% /d:zebra.lan /userd:zebra.lan\dowen /passwordd:password /OU:"OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"
 
netdom join %computername% /d:zebra.lan /userd:zebra.lan\dowen /passwordd:password

could you post the ouput of running the following query on the server
dquery ou | find /I "OU=Desktops,OU=Computers,OU=06"
Do you have an entry
"OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"
returned?


netdom add %computername% /d:zebra.lan /userd:zebra.lan\dowen \passwordd:password /OU:"OU=Desktops,OU=Computers,OU=06,DC=zebra,DC=lan"
 
netdom join %computername% /d:zebra.lan /userd:zebra.lan\dowen /passwordd:password

Open in new window

0
 
netefexAuthor Commented:
This is what i got when running it

dquery ou | find /I "OU=Desktops,OU=Computers,OU=06"

that dident work on my server do i need a support pack or download to run it?

dowen is a domain admin (it is also my account)

netdom add %computername% /d:zebra.lan /userd:zebra.lan\%domainu% \passwordd:%domainp% /OU:"OU=Laptops,OU=Computers,OU=06,DC=zebra,DC=lan"

The syntax of this command is:
NETDOM [ ADD | COMPUTERNAME | HELP | JOIN | MOVE | QUERY | REMOVE | RENAME |
         RENAMECOMPUTER | RESET | TRUST | VERIFY | RESETPWD ]

Open in new window

0
 
arnoldCommented:
the command is dsquery OU

netdom add "computername" /d:"zebra.lan" /ud:"domain\username" /pd:* /ou:"OU=Laptops,OU=Computers,OU=06,DC=zebra,DC=lan"
you will be prompted for the password.

I think the /passwordd has a wiered behavior if you use complex passwords.

The same should work with the join.
netdom add "computername" /d:"zebra.lan" /ud:"domain\username" /pd:* /ou:"OU=Laptops,OU=Computers,OU=06,DC=zebra,DC=lan"
You will be prompted for the password

I tested the netdom on a server to add the computer account to a specific OU, but think these two should work from the workstation.
0
 
arnoldCommented:
Copied, but forgot to modify
netdom join "%computername%" /d:"zebra.lan" /ud:"domain\username" /pd:* /ou:"OU=Laptops,OU=Computers,OU=06,DC=zebra,DC=lan"
You will be prompted for the password

This might be the fix for all the netdom options.
0
 
netefexAuthor Commented:
IT WORKS! YAY

Thank you so much

Nothing really to add ran it worked first time no problems
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 18
  • 16
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now