I need to write a program or script that does a few things with (or to) a server after a Windows install. Among those is adding the server to a domain.
Is there a way to do this programmatically or using a script command?
+1
A:
If you want to do it from the Domain Controller:
Source: net computer \\computername /add
If you want to do it from the workstation:
Source: NETDOM JOIN /DOMAIN:[DOMAINNAME] /USERD:[USERNAME] /PASSWORDD:[PASSWORD]
Jaxidian
2010-06-14 16:54:18
Wouldn't this command ask for a password? How do I give it a password from a calling routine?
Andrew J. Brehm
2010-06-15 10:03:36
@Andrew: In my dealings with scripting the `net` command, it assumes credentials based on the user that is executing it. For example, if you logged into a domain machine and attempted to map a network drive to another machine (`net use x: \\ComputerName\ShareName`), it would use your domain credentials/token to attempt to access that share. So if you have this script ran as a domain user with the proper permissions, you should not be prompted/required to enter any credentials.
Jaxidian
2010-06-15 17:29:30
How would you run the script as a domain user before the computer has been added to the domain?
Andrew J. Brehm
2010-06-15 18:34:32
Oh, I understand the misunderstanding. This would be done on the controller, not the user machine. I'm updating my answer to give you a command for the workstation.
Jaxidian
2010-06-15 21:21:07
Oh, Windows, what are you doing to your users... apparently the netdom command is not present on all versions of Windows, just 2008 and 2008 R2 but not Windows 7.
Andrew J. Brehm
2010-06-16 10:46:38
This doesn't work. Netdom wants a "machine" parameter.
Andrew J. Brehm
2010-06-17 12:00:29
Works with machine name parameter
Andrew J. Brehm
2010-06-17 13:00:34
A:
I don't know how to do this myself, but perhaps take a look at the source code of Samba.
If I remember correctly, the Samba distribution includes a command-line utility that does exactly what you want (it can add hosts to a domain); I can't remember the utility's exact name, but it should still be in there. I think its purpose was to automatically migrate an old Windows NT domain over to Samba!
stakx
2010-06-14 16:56:32
+1
A:
It is not easy if you write a program, but it is possible and you can find corresponding code examples.
First of all you should create computer account in the domain. To do this you can use NetUserAdd function. The corresponding code example you will find under http://msdn.microsoft.com/en-us/library/aa370254%28VS.85%29.aspx. If you have a new computer account already created in Active Directory (in any way) in the corresponding destination OU you can skip the step. You must only understand, which password have this account (the password will be constructed based on the computer name, see code example for details).
Next you should get SID of Domain to which you add computer, and at the end you should use so-named LSA API to make all work locally with respect of LsaSetTrustedDomainInformation.
The corresponding code example you can find in http://support.microsoft.com/kb/145697.
If you do have to create a omputer account in the domain, be careful that you all time works with the same domain controller. Otherwise you can have small problem till the new account will be replicated to the next domain controller which you use (a small waiting loop with retries can be sufficient).
P.S. If you receive some problems with the implementation you can ask me additional question about this subject.
Oleg
2010-06-14 17:30:32