INFORMATICS

The Best

Przełącznik języka

This Site

Płatnik

CMS

Hardware

Uncategorised

Emulators

Powershell

Storage Array

DNS

Antivirus program

Licznik

2.png0.png6.png4.png1.png9.png7.png
Today191
Yesterday953
This week2503
This month10792
Total2064197

Visitor Info

  • IP: 35.171.164.78
  • Browser: Unknown
  • Browser Version:
  • Operating System: Unknown

Who Is Online

9
Online

wtorek, 13 kwiecień 2021 08:33

Offline Domain Join - Podłączenie offline do domeny

Gwiazdka nieaktywnaGwiazdka nieaktywnaGwiazdka nieaktywnaGwiazdka nieaktywnaGwiazdka nieaktywna
 

Offline Domain Join

W skrajnych przypadkach możemy konfigurować nasze komputery bez dostępu do domeny służy do tego podłączenie do domeny offline

Jak to uruchomić?

Uruchamiamy linię poleceń cmd i wpisujemy:
djoin /provision /domain nazwa_domeny.local/machine nazwa_hosta /savefile C:\nazwa_hosta.txt

djoin /provision /domain <domain_name> /machine <destination computer> /savefile <filename.txt> [/machineou <OU name>] [/dcname <name of domain controller>] [/reuse] [/downlevel] [/defpwd] [/nosearch] [/printblob] [/rootcacerts] [/certtemplate <name>] [/policynames <name(s)>] [/policypaths <Path(s)>]

djoin /requestodj /loadfile <filename.txt> /windowspath <path to the Windows directory of the offline image> /localos


W Active Directory Users and Computers w kontenerze Computers pojawi się wygenerowany skrypt, kopiujemy go do katalogu C:\DJOIN.

Po uruchomieniu w nowym oddziale komputera ktokolwiek wydaje polecenie (lub uruchamia skrypt):
djoin /requestodj /loadfile C:\DJOIN\nazwa_hosta.txt /windowspath %SystemRoot% /localos


i restartujemy komputer.

Parametry

 

Description

/provision

Creates a computer account in AD DS.

/domain <domain name>

Specifies the name of the domain to join.

/machine <destination computer>

Specifies the name of the computer that you want to join to the domain.

/machineou <OU Name>

Specifies the name of the organizational unit (OU) in which you want the computer account to be created. By default, the computer account is created in the Computers container. This parameter is ignored if /reuse is specified.

/dcname <domain controller name>

Specifies the name of a specific domain controller that will create the computer account. If you do not specify a domain controller, the domain controller Locator (DC Locator) process is used to select a domain controller.

/reuse

Specifies the reuse of any existing computer account. The password for the computer account will be reset.

/downlevel

Supports the use of a domain controller that runs a version of Windows Server that is earlier than Windows Server 2008 R2.

/savefile <filename.txt>

Saves provisioning data to a file.

/defpwd

Uses the default machine account password (not recommended).

/nosearch

Skips account conflict detention. Requires the /DCName parameter.

/printblob

Return a base64-encoded metadata blob for an answer file.

/rootcacerts

This parameter is only available on Windows Server 2012.

Optionally include root Certificate Authority certificates.

/certtemplate <Name>

This parameter is only available on Windows Server 2012.

Optional <Name> of machine certificate template. Includes root Certificate Authority certificates.

/policynames <Name(s)>

This parameter is only available on Windows Server 2012.

Optional semicolon-separated list of Group Policy object (GPO) names. Each name is the displayName of the GPO in AD DS.

/policypaths <Path(s)>

This parameter is only available on Windows Server 2012.

Optional semicolon-separated list of policy paths. Each path is a path to a registry.pol file.

GPOs store registry-based configuration settings in registry.pol files. To include registry-based configuration settings in the blob data, specify the path and file name using any of the following formats:

  • /POLICYPATHS mypolicy.xyz
  • /POLICYPATHS .\mypolicy2.xyz
  • /POLICYPATHS c:\tmp\mypolicy3.xyz
  • /POLICYPATHS \\server\share\mypolicy4.xyz
  • /POLICYPATHS mypolicy.xyz;.\mypolicy2.xyz;c:\tmp\mypolicy3.xyz;\\server\share\mypolicy4.xyz

Search