Djoin.exe- The Process of Adding Computers to a Domain Offline

Djoin.exe simplifies and automates joining computers to a domain by using simple text commands rather than relying on the GUI interface of Active Directory Users and Computers (ADUC). You can either join one or more workstations to your Microsoft Active Directory Domain or join a single computer to the domain. Djoin.exe provides two ways to run:

– Used interactively, Djoin.exe prompts you to enter information about the computer to be joined (such as name, user name and password for each account) or the domain that the computer is joining and then performs the join operation. You can add accounts directly from within the joined dialogue and then use Djoin.exe to create NetBIOS names for them automatically (see also NetBIOS Names). You cannot use Djoin.

 What is Djoin?  

Djoin is a Windows command-line utility that simplifies and automates Domain Join operations on target computers. This utility can be run from a computer already joined to the domain or from an ” offline ” computer (for example, in Windows PE). Using Djoin, you can add computers to the domain or join an already joined computer. You can also remove computers from the domain. In addition, you can create or modify NetBIOS name resources on target computers during a join operation.

How do I join an offline domain?  

You can use Djoin to join an offline domain. Use the following steps:  

1.  Boot from media (this example is using a flash drive): Insert the USB Key into the target computer and boot from it, either by changing boot order in BIOS or pressing the F12 key at startup, then choose Removable Device.

2. It will load the files to memory and then present you with cmd.exe (command prompt)

3. Now run djoin /provision

djoin /provision /domain <yourdomain> /machine <targetname> /savefile <filename.txt>

4. When it is finished, copy the text from the file and run it on another computer: djoin /requestodjvsite /load file <filename.txt> /domain <yourdomain>

5. Wait for it to finish, then manually remove the USB drive and reboot the computer: Hit F12 and remove the USB key from the target computer at the boot screen.

Can I join a computer to a domain remotely?  

If you already have a computer joined to the domain, you can use Djoin to join additional computers directly from a remote computer. Use the following steps:

1. Boot from media (this example is using a flash drive). Insert the USB Key into the target computer and boot from it, either by changing boot order in BIOS or pressing the F12 key at startup, then choose Removable Device.

2. It will load the files to memory and then present you with cmd.exe (command prompt)

3. Now run djoin /requestodjvsite /loadfile <filename.txt>

4. When it is finished, copy the text from file and run on another computer: djoin /requestodjvsite /domain <yourdomain> /machine <targetname>

5. Now wait for it to finish, then manually remove the USB drive and reboot the computer: At the boot screen, hit F12 to remove the USB key from the target computer.

We have been asked why you can’t use /forest; I think we have the answer now.

Do not use the /forest switch to join a forest. It is not supported in Windows 7 or Windows Server 2008 R2. Using it will cause unpredictable results and errors during the join operation. All OSes support a /domain switch and should be used instead of the /forest switch.

What allows a device to join a network without joining its domain?  

  Windows 7 and Windows 8  

• Select the check box: “Prevent this device from joining any domain”.

• Windows Server 2008 R2

• Select the check box: “This device is not joined to a domain”.

• Windows Vista, Windows XP and Windows Server 2003

Select the check box: “The following additional restrictions apply. Users or groups cannot use Roaming profiles” or select the Advanced tab > Select a user name and enter a password as shown in the following figure. Be sure to select Full Control.

 Step 4:  Join the computer to the domain.

If you want to join a computer to a domain, you need to boot this computer with an Active Directory-enabled Windows installation CD as described in the steps below.

Starting with Windows 7, you can use a USB flash drive as an Active Directory-enabled installation CD: Note that PCs running Windows XP and Vista should use the original installation media, not a USB flash drive.

How do I remotely access a domain?

Windows XP, Windows Vista, and Windows 7 

In the Group Policy Management Console, select the Group Policy object (GPO) to which you want to add the computer account. To do so, expand the Forest container, expand Domains, and then select your domain. Right-click Default Domain Policy GPO or another GPO for which you want to modify computer account policy settings, and then click Edit. In the Group Policy Management Editor window, under Computer Configuration, expand Policies, and then click Windows Settings.

How can I access a server from outside the network?  

  Windows 8  

 Use the new settings in the Network And Sharing Center. Under the Change adapter settings: 

Click Connect to a workplace, enter your cable provider credentials, and click Next.

Type in your credentials for DUN, and then click Next. After Microsoft logs you into this network is done successfully, it will tell you to change your current network connection settings by going to Settings > Network & Internet > Network and sharing centre> Change adapter settings and then select Use my Internet connection (always).

How do I remote into another computer using Active Directory?  

Windows 7, Windows 8, and Windows Server 2008 R2

From the Start screen, type the person’s name whose computer you want to access. If a user is logged in and you’re prompted for a password, enter it. Otherwise, it’s just a matter of clicking on the name.

Windows Vista and Windows Server 2003

Select User Accounts > User Options > Change Your Password from the Control Panel. Enter your current password as prompted, and then type your new password twice without pressing Enter.