Djoin
Applies To: Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2012, Windows 8
Provisions a computer account in a domain and requests an offline domain join when a computer restarts. For examples of how you can use this command, see Examples.
Syntax
djoin /provision /domain <domain_name> /machine <destination computer> /savefile <filename.txt> [/machineou <OU name>] [/dcname <name of domain controller>] [/reuse] [/downlevel] [/defpwd] [/nosearch] [/printblob] [/rootcacerts] [/certtemplate <name>] [/policynames <name(s)>] [/policypaths <path(s)>] [/NetBIOS <name>] [/psite <name>] [/dsite <name>] [/primarydns <name>]
djoin /requestodj /loadfile <filename.txt> /windowspath <path to the Windows directory of the offline image> /localos
Parameters
Parameter |
Description |
/provision |
Creates a computer account in Active Directory Domain Services (AD DS). |
/domain <domain name> |
Specifies the name of the domain to join. |
/machine <destination computer> |
Specifies the name of the computer that you want to join to the domain. |
/machineou <OU Name> |
Specifies the name of the organizational unit (OU) in which you want the computer account to be created. By default, the computer account is created in the Computers container. |
/dcname <domain controller name> |
Specifies the name of a specific domain controller that will create the computer account. If you do not specify a domain controller, the domain controller Locator (DC Locator) process is used to select a domain controller. |
/reuse |
Specifies the reuse of any existing computer account. The password for the computer account will be reset. |
/downlevel |
Supports the use of a domain controller that runs a version of Windows Server that is earlier than Windows Server 2008 R2. |
/savefile <filename.txt> |
Saves provisioning data to a file. |
/defpwd |
Uses the default machine account password (not recommended). |
/nosearch |
Skips account conflict detention. Requires the /DCName parameter. |
/printblob |
Returns a base64-encoded metadata blob for an answer file. |
/requestodj |
Requests an offline domain join at the next start. |
/Loadfile |
Specifies the output from a previous provisioning command. |
/windowspath <path to the Windows directory of the offline image> |
Specifies the path to the Windows directory of the offline image. If you are using the /localos parameter, specify %systemroot% or %windir% as the value of the /windowspath parameter. |
/localos |
Targets the local operating system installation, instead of an offline image, with the domain join information. If you use this parameter, the value that you specify for /windowspath should be %systemroot% or %windir%. Run this parameter only on a destination computer that you want to join to the domain. This parameter is blocked from being run on a domain controller. Because this parameter injects the blob data into the locally running operating system image, you must restart the computer to complete the domain join operation, as you must also do for an online domain join. |
/rootcacerts |
Optionally include root Certification Authority certificates. |
/certtemplate <name> |
Optional name of the machine certificate template. Includes root Certification Authority certificates. |
/policynames <name(s)> |
Optional semicolon-separated list of policy names. Each name is the displayName of the Group Policy object (GPO). |
/policypaths <path(s)> |
Optional semicolon-separated list of policy paths. Each path is a path to a registry policy file. |
/NetBIOS <name> |
Optional NetBIOS name of the computer joining the domain. Applies to computers that run versions of Windows beginning with Windows Server 2012 R2 and Windows 8.1. |
/psite <name> |
Optional name of the persistent site to put the computer joining the domain in. Applies to computers that run versions of Windows beginning with Windows Server 2012 R2 and Windows 8.1. |
/dsite <name> |
Optional name of the dynamic site to initially put the computer joining the domain in. Applies to computers that run versions of Windows beginning with Windows Server 2012 R2 and Windows 8.1. |
/primarydns <name> |
Optional name of primary DNS domain of the computer joining the domain. Applies to computers that run versions of Windows beginning with Windows Server 2012 R2 and Windows 8.1. |
Remarks
You can run Djoin.exe only on computers that run Windows 7 or Windows Server 2008 R2. The computer on which you run Djoin.exe to provision computer account data into AD DS must be running Windows 7 or Windows Server 2008 R2. The computer that you want to join to the domain must also be running Windows 7 or Windows Server 2008 R2.
By default, the Djoin.exe commands target a domain controller that runs Windows Server 2008 R2. However, you can specify an optional /downlevel parameter if you want to target a domain controller that is running a version of Windows Server that is earlier than Windows Server 2008 R2.
Examples
To provision a computer account named computer1 in the domain contoso.com and save the resulting metadata blob in a file named offlinedomainjoin.txt, run the following command at an elevated command prompt:
djoin /provision /domain contoso.com /machine computer1 /savefile offlinedomainjoin.txt
To request an offline domain join for a local computer and inject the domain join information from a file named offlinedomainjoin.txt into the local operating system, run the following command at an elevated command prompt:
djoin /requestODJ /loadfile offlinedomainjoin.txt /windowspath %SystemRoot% /localos