EPFL > VPSI > IT > EXAPP - Site d'information: WinAD (Windows Active Directory)
 

  Affiche tous les articles

 Mode d'emploi du moteur de recherche  Rechercher : 
Moteur de recherche
Home page
Accréditation
Activation MS
AD c'est quoi ?
AD PowerShell
Authentifications
Autorisations DHCP
bugs
Conseils AD
DCs Sécurité
Délégations OUs
Domaine SC
Gaspar
GPO
Grp-Staff
KMS
Migrations
Outils
· Enable the Disk Cleanup tool 2012R2
· Rearming Sysprep
· Apply Images Using DISM
· Désactiver la couche 6to4 (IPV6) sur Windows 7 ,8 ,2008 ,2012
· Check MachineConf
· AD Users & Computers : afficher l'onglet "additional account info" sur OS 64 bits
· CMD for AD 2000/3/8 Dsget
· ShellRunas for VISTA
· Déléguer la gestion des services
· Mise à jour automatique avec Software Update Services pour Windows 2000, XP et 2003
· SUBINACL modifier les permissions & permuter les SID
· ADMT-V2 (Active Directory Migration Toll)
· How-to Migration NT4-2000 with ADMT V2 by Philippe Chammartin(IC-ISC)
· Outils pour la gestion de l'Active Directory (support tools)
· "Replication Access Was Denied"
· LES INDISPENSABLES Outils de support Active Directory
· commandes de Windows 2000
· NETDOM Déplacer des comptes machines d'un domaine à un autre
· MOVETREE pour déplacer des USERS d'un domaine2000 à un autre
· Installation des outils de support de Windows 2000 sur un ordinateur Windows 2000 Server
· Outils de migration de Domaines et OU
Procès verbaux
Profiles Itinérants
PWAD
Règles de nommage
Restaurations DC Fac
ServerAD2003
ServerAD2008
Seven
Students
synchro
toto1
Trucs et Astuces
Win 8.1
WinAD
Windows 10
Windows 8
Windows Server
Wins
Work Shop
  Afficher une version imprimable de ce document dans une nouvelle fenêtre
 
NETDOM Déplacer des comptes machines d'un domaine à un autre
 


Netdom garde le SID de l'ordinateur pour qu'aucune permission d'accés ne soit perdue


This article describes how to use the Netdom utility (Netdom.exe) included in Windows 2000 Support Tools and in the Windows 2000 resource kits to create a computer account for Microsoft Windows NT 4.0 or Windows 2000 member workstations or servers on a specific Windows 2000 domain controller.

MORE INFORMATION

Netdom is a command-line utility that you can use to manage Windows domains. This utility includes options to create and move computer accounts for Windows NT 4.0 and Windows 2000 domain members. In earlier versions of Windows, user and computer accounts were created on the primary domain controller (PDC) in a Windows domain; the new accounts were not available on remote domain controllers until full replication had taken place. Netdom 2.0 contains a join command that you can use to create a computer account on any specified Windows 2000 domain controller. Netdom 2.0 uses a new NetJoinDomain API, which is used in conjunction with multiple-master replication on Windows 2000 domain controllers, to create security principals (user, computers and groups) on any domain controller in a domain. When you create the computer account on a domain controller in the same Active Directory site as the client workstation for which the account is created, you reduce or eliminate replication latency delays that might prevent users from logging on to the domain immediately.

The syntax of this join command is:
C:\>netdom help join

NETDOM JOIN <computer>/Domain:<domain> [/OU:<ou path>] [/UserD:<user>]

           [/PasswordD:[<password> | *]]

           [UserO:<user>] [/PasswordO:[<password> | *]]

           [/reboot[:<Time in seconds>]]
When you run this command, the following information is displayed:
NETDOM JOIN Joins a workstation or member server to the domain. Where:
  

<computer>      is the name of the workstation or member server to be joined

/Domain         Specifies the domain which the machine should join

/UserD          User account used to make the connection with the domain

                specified by the /Domain argument

/PasswordD      Password of the user account specified by /UserD.  
                Use * to prompt for the password

/UserO          User account used to make the connection with the machine to be joined

/PasswordO      Password of the user account specified by /UserO.  
                Use * to prompt for the password

/OU             Organizational unit under which to create the machine account. 
                This must be a fully qualified RFC 1779 DN for the OU. 
                If not specified, the account will be created under the default organization 
                unit for machine objects for that domain.

/REBoot         Specifies that the machine should be shutdown and automatically rebooted after
 the Join has completed.  
                The number of seconds  before automatic shutdown can also be provided. 
 Default is 20 seconds

Additions and Modifications

The /Domain switch defines the name of the Windows domain that the computer joins. You can use an optional parameter on the /Domain switch and specify the netBIOS name of a single Windows 2000 domain controller on which the computer account is created, for example:
/Domain: domain name\ domain controller name
NOTE: The optional parameter is not listed in the online Help that is displayed by the netdom help join command.

When you specify the name of the Windows 2000 domain controller, you can create computer accounts on domain controllers in the same Active Directory site as the client by using the account and the domain controllers in branch offices or staging sites.

For example, if you want to join a \\Windows2000Pro workgroup computer on the \\NA-DC-01 domain controller in the NORTHAMERICA.COM domain, the full netdom join command line is:
netdom join windows2000pro /Domain:NA\NA-DC-01 /Userd:administrator /Passwordd:* /UserO:administrator /PasswordO:*
The wildcard character (*) prompts for the respective passwords of the administrator accounts on the local computer and the A.COM domain. The "/UserO:administrator /PasswordO:*" portion of the command is optional if the logged-on user has administrative rights on the computer being joined.

For more information about the NetJoinDomain API, visit the following Microsoft Web site:
http://msdn.microsoft.com/library/psdk/network/ntlmapi2_8bzi.htm
The /reboot switch, which optionally restarts the computer after the join, suggests that the default restart interval is 20 seconds. Netdom 2.0 hardcodes the restart timeout value to 30 seconds.

Article N° 32, du 13.08.2002, par Alain Gremaud
URL de cet article : http://winad.epfl.ch/?article=32

© 2017 VPSI - EXAPP - TC