University of Idaho Main Page
 
e-Support   University of Idaho  
 
  E-SUPPORT ACCOUNT TOOLS FAQ SOFTWARE SERVICES OTHER
Information Technology Services e-Support
e-Support 

 

  QUESTIONS?
Contact the
ITS Help Desk

helpdesk@uidaho.edu
1-208-885-HELP (4357)
Teaching & Learning Center Room 128

Help Desk Hours:
 Mon - Fri: 7:00am - 6:00pm
See additional Library and SUB Lab hours
  Domain Joining Tool  

Updated: Tuesday September 23, 2009

This tool is provided to system administrators to assist them in joining computers to the University's Active Directory domain. If you are not a system administrator, and would like assistance joining your computer to Active Directory, please contact the ITS Help Desk. For instructions on how to join the domain manually, click here.

Click Here to Download the Domain Joining Tool

We are now importing information from NMS into Active Directory so, if you'd like to test this tool, make sure your computer record in NMS is named properly. If you are experiencing trouble, or do not have access to NMS, please contact the Novell Replacement Project (NRP) team at nrpteam@uidaho.edu.

Here's an outline of what the tool does:

  • Ensure the logged in user has local administrative access.
  • Compare all enumerated client MAC addresses with all computer objects in Active Directory.
  • Rename the computer if they differ in AD and on the client computer.
  • Reboot if necessary (for proper naming).
  • Bind the computer to Active Directory.
  • Add <computername>-ws-users and <computername>-ws-administrators to local Users and Administrators groups respectively.
  • Delete AD\Domain Admins from the local Users group.

In addition, the script will check to see if the machine is already bound to a domain. If it is the script will exit. 

If your computer is running Windows 2000 or a version of XP prior to SP3 then the tool will notify you that you should update your system, but it will continue running.

Change Log and Known Issues 

September 23, 2009
  • New:Windows 7 compatibility confirmed.
June 9, 2009
  • New:The tool is now signed. Vista users will notice the named publisher of the tool is the University of Idaho.
  • New: OS versions including XP Home, Vista Home (and Premium), Windows 7, Server 2003/2008 are not supported. The Tool now gracefully exits if these versions are detected.
  • New: The English version of the OS must be installed. There is now notification to the user if this is not the case. The tool is not supported on non-English versions of XP/Vista.
  • New: Group membership is modified immediately after the trust has been created.
  • New: Error checking on group membership added. If AD groups already exist in the local Users and Administrators groups then ITS is silently notified. Likewise, the tool also notifies ITS if groups are unable to be added to the local machine.
  • New: Refined all code within the application trimming about 300K from its size.

Beta Version

  • New:/strong> Groups added to local Administrators are now: <Computername>-ws-Administrators and prefix-<Department Prefix>
  • New: Group added to local Users group is now: <computername>-ws-Users
  • New: AD\Domain Users is removed from local Users group.
  • New: The tool checks for an existing trust to any Active Directory implementation and quits upon finding one.
  • New: The user is prompted with a notification that the script completed successfully after AD groups are added to local groups.
  • New: User is prompted, if running Vista, when the computer name is changed. Vista caches the computer name and user name and when the computer name is changed it is not reflected in the logon window. The user will manually have to change <oldcomputername>\jvandal to <newcomputername>\jvandal prior to logging in.
  • Fixed: The script does not require Windows to be installed at C:\WINDOWS
  • Fixed: All computer objects in AD are searched, not just objects in ou=ITS,ou=Computer Accounts
  • Fixed: If the tool is run on Vista then registry keys for the Novell client are set properly (Windows UserName, Windows Domain and Tab)
  • Fixed: After the script runs it properly cleans up after itself deleting any files it created on the client machine.
  • If you've run the tool, then unbound from AD, and tried to run the tool again, the script will throw an error because it does not check for existing AD objects in the local Administrators and Users groups.
  • If the <computername>-admin and -user groups do not exist in AD, then the script will not error, but those groups will not be added; AD\Domain Admins will still be deleted and prefix-<DepartmentName> will still be added.
  • The tool presumes that your Windows installation is installed on C:\. If your installation is a different drive letter, beware...
  • Currently, the tool only searches within the ou=ITS,ou=Computer Accounts ou. Please contact the NRP team if you'd like an object created in this ou to test.
  • In Vista, if the computer needs to be renamed, there seems to be an issue where the old computer name is still set as the logon domain.

If you experience difficulty with the tool or it's erroring out, email nrpteam@uidaho.edu with as much information as possible and we will make sure to address these problems as soon as we can.  You may also manually join the Active Directory domain.  Please click here for instructions.

 


 
  		•   
       
    CONTACT US | ACCOUNT TOOLS