Using Netdom 2.0 to Create Computer Accounts on Admin-Specified Domain Controllers (266651)



The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server

This article was previously published under Q266651

SUMMARY

This article describes how to use the Netdom utility (Netdom.exe) included in Windows 2000 Support Tools and in the Windows 2000 resource kits to create a computer account for Microsoft Windows NT 4.0 or Windows 2000 member workstations or servers on a specific Windows 2000 domain controller.

MORE INFORMATION

Netdom is a command-line utility that you can use to manage Windows domains. This utility includes options to create and move computer accounts for Windows NT 4.0 and Windows 2000 domain members. In earlier versions of Windows, user and computer accounts were created on the primary domain controller (PDC) in a Windows domain; the new accounts were not available on remote domain controllers until full replication had taken place.

Netdom 2.0 contains a join command that you can use to create a computer account on any specified Windows 2000 domain controller. Netdom 2.0 uses a new NetJoinDomain API, which is used in conjunction with multiple-master replication on Windows 2000 domain controllers, to create security principals (users, computers, and groups) on any domain controller in a domain. When you create the computer account on a domain controller in the same Active Directory site as the client workstation for which the account is created, you reduce or eliminate replication latency delays that might prevent users from logging on to the domain immediately.

The syntax of this join command is:

C:\>netdom help join

NETDOM JOIN <computer> /Domain:<domain> [/OU:<ou path>] [/UserD:<user>]
           [/PasswordD:[<password> | *]]
           [/UserO:<user>] [/PasswordO:[<password> | *]]
           [/reboot[:<Time in seconds>]]

When you run this command, the following information is displayed:

NETDOM JOIN Joins a workstation or member server to the domain. Where:

<computer>      is the name of the workstation or member server to be joined

/Domain         Specifies the domain which the machine should join

/UserD          User account used to make the connection with the domain
                specified by the /Domain argument

/PasswordD      Password of the user account specified by /UserD.
                Use * to prompt for the password

/UserO          User account used to make the connection with the machine
                to be joined

/PasswordO      Password of the user account specified by /UserO.
                Use * to prompt for the password

/OU             Organizational unit under which to create the machine account.
                This must be a fully qualified RFC 1779 DN for the OU.
                If not specified, the account will be created under the
                default organization unit for machine objects for that domain.

/REBoot         Specifies that the machine should be shutdown and automatically
                rebooted after the Join has completed. The number of seconds
                before automatic shutdown can also be provided. Default is
                20 seconds

Additions and Modifications

The /Domain switch defines the name of the Windows domain that the computer joins. You can use an optional parameter on the /Domain switch to specify the NetBIOS name of a single Windows 2000 domain controller on which the computer account is created, for example:

/Domain:domain name\domain controller name

NOTE: The optional parameter is not listed in the online Help that is displayed by the netdom help join command.

When you specify the name of the Windows 2000 domain controller, you can create computer accounts on domain controllers in the same Active Directory site as the client, for example on the domain controllers in branch offices or staging sites.

For example, if you want to join the \\Windows2000Pro workgroup computer to the NORTHAMERICA.COM domain and create its computer account on the \\NA-DC-01 domain controller, the full netdom join command line is:

netdom join windows2000pro /Domain:NA\NA-DC-01 /Userd:NA\administrator /Passwordd:* /UserO:administrator /PasswordO:*

NOTE: Always prepend the domain name to the user name that is passed in the /UserD parameter.

The wildcard character (*) prompts for the respective passwords of the administrator accounts on the local computer and the A.COM domain. The "/UserO:administrator /PasswordO:*" portion of the command is optional if the logged-on user has administrative rights on the computer being joined.
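
The following is an added example, not part of the original article and not Microsoft's code: a PowerShell helper (the function and parameter names are hypothetical) that assembles the join arguments described above, including the domain\domain controller form of /Domain. It rejects a /UserD value that lacks the domain prefix and always passes * for both passwords, so the passwords are prompted for and never appear on the command line or in a script file.

```powershell
# Added example; the function and parameter names are hypothetical.
function New-NetdomJoinArguments {
    param(
        [Parameter(Mandatory = $true)] [string] $Computer,
        [Parameter(Mandatory = $true)] [string] $Domain,            # NetBIOS domain name
        [Parameter(Mandatory = $true)] [string] $DomainController,  # NetBIOS name of the DC
        [Parameter(Mandatory = $true)] [string] $DomainUser,        # DOMAIN\user
        [string] $LocalUser,   # omit if the logged-on user is an administrator on the target
        [string] $OU,          # fully qualified DN of the OU, as the Help text requires
        [switch] $Reboot
    )

    # Assumption: a conservative allow-list (stricter than NetBIOS itself) so that
    # no stray switch or separator can be smuggled in through a name.
    $namePattern = '^[A-Za-z0-9-]{1,15}$'
    foreach ($name in $Computer, $Domain, $DomainController) {
        if ($name -notmatch $namePattern) {
            throw "Rejected name '$name': expected 1-15 letters, digits or hyphens."
        }
    }

    # The article's note: the /UserD account must carry the domain prefix.
    if ($DomainUser -notmatch '^[^\\]+\\[^\\]+$') {
        throw "/UserD must be given as DOMAIN\user, got '$DomainUser'."
    }

    $arguments = @(
        'join', $Computer,
        "/Domain:$Domain\$DomainController",   # optional domain\domain controller form
        "/UserD:$DomainUser",
        '/PasswordD:*'                         # always prompt; no password parameter exists
    )
    if ($LocalUser) { $arguments += "/UserO:$LocalUser", '/PasswordO:*' }
    if ($OU)        { $arguments += "/OU:$OU" }
    if ($Reboot)    { $arguments += '/reboot' }
    return $arguments
}

# Rebuilds the article's example command line from its own values.
$joinArgs = New-NetdomJoinArguments -Computer 'windows2000pro' -Domain 'NA' `
    -DomainController 'NA-DC-01' -DomainUser 'NA\administrator' -LocalUser 'administrator'
'netdom ' + ($joinArgs -join ' ')

# To run the join: & netdom.exe @joinArgs
```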

For more information about the NetJoinDomain API, visit the following Microsoft Web site:

The online Help for the /reboot switch, which optionally restarts the computer after the join, suggests that the default restart interval is 20 seconds. Netdom 2.0 hard codes the restart timeout value to 30 seconds.

Modification Type: Major
Last Reviewed: 9/22/2003
Keywords: kbinfo KB266651