Add A Computer To An Active Directory Domain With PowerShell

A common task many system administrators do is adding computers to an Active Directory domain. Since Active Directory is embedded in so many organizations, nearly every IT professional is probably familiar with the box below.
Adam Bertram is a 20-year IT veteran, Microsoft MVP, blogger, and trainer.

This box is the infamous domain-join box that comes up whenever adding a computer to a domain. If you're still adding computers via this method though, you're doing it the hard way. This process requires logging onto a machine, performing about a dozen mouse clicks, rebooting, and waiting. Why not just do this?

[Image: Active Directory domain join]

The PowerShell snippet above connects remotely to the computer NAMEHERE, attempts to join it to the domain domain.here, and then restarts it. No more logging on to computers and clicking around. This method not only speeds up joining a domain on a single machine but also extends easily to multiple devices if the computer names are stored somewhere else, like a text file.

$computers = Get-Content -Path C:\Computers.txt
Add-Computer -ComputerName $computers -Domain 'domain.here' -Restart

Using PowerShell is a great start, but chances are you need more flexibility. You may also want to add the computer to a specified organizational unit, ensure that the computer rebooted successfully, and so on.

For some additional actions, the Add-Computer cmdlet provides other parameters. Use help Add-Computer -Detailed to see what it can do. But there are some things that Add-Computer cannot do as well.

For example, I like to verify an organizational unit exists before attempting to add a computer to it. Likewise, I also prefer to get some notification when the computer comes back up after a reboot. Let's build a tool in PowerShell to give us some additional functionality.

To build this tool, we'll first create a "wrapper" function around Add-Computer. This wrapper function will allow us to tack on additional behavior.

function Add-AcmeComputer {
    param(
        ## Accept one or more computer names
        [string[]]$ComputerName
    )
    foreach ($computer in $ComputerName) {
        ## Skip machines that do not answer a ping
        if (-not (Test-Connection -ComputerName $computer -Quiet -Count 1)) {
            Write-Warning "Could not ping computer [$computer]"
        } else {
            ## Do some more stuff
        }
    }
}

Notice that I've created the start of a tool. I've given it a name similar to Add-Computer yet customized it to my organization and created a few parameters that resemble parameters on Add-Computer. I also added some additional validation already. I'm first pinging the computer to ensure it's online before doing anything else. Why even attempt to join the computer to a domain if it's not even online?

Next, I'll fill in some code in the else block. Here is where I can add anything I need to do before or after joining the computer to the domain. For kicks, let's add some functionality to ensure the computer reboots and comes back up after we join it to a domain. To do this, I'll add a Wait parameter that is not on the Add-Computer command. I'll then add the code necessary to wait for the computer only if I use the Wait parameter.

function Add-AcmeComputer {
    param(
        [string[]]$ComputerName,
        [string]$Domain,
        [switch]$Wait
    )
    foreach ($computer in $ComputerName) {
        if (-not (Test-Connection -ComputerName $computer -Quiet -Count 1)) {
            Write-Warning "Could not ping computer [$computer]"
        } else {
            ## Write-Information output is shown when $InformationPreference is 'Continue'
            Write-Information "[$computer] is being added to domain [$Domain]..."
            Add-Computer -ComputerName $computer -Domain $Domain -Restart
            if ($Wait.IsPresent) {
                ## Give it some time to go offline
                while (Test-Connection -ComputerName $computer -Quiet -Count 1) {
                    Start-Sleep -Seconds 2
                }
                ## It's now offline, wait for it to come back
                while (-not (Test-Connection -ComputerName $computer -Quiet -Count 1)) {
                    Start-Sleep -Seconds 2
                }
                ## Report once, after the loop has seen the computer answer again
                Write-Information "[$computer] rebooted and is back!"
            }
            Write-Information "[$computer] was added to domain [$Domain]..."
        }
    }
}

Once you've got the function to this point, adding new functionality is a piece of cake. Your situation will most likely be different from mine, and you will have additional requirements. But now, you have the foundation completed to add more of your own validation or pre- and post-domain-joining tasks.
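The organizational unit check mentioned earlier is not implemented in the function above. One way to add it, as an example written for this page rather than the author's code: the function name Add-AcmeComputerToOU and the TimeoutSeconds parameter are hypothetical, and the code assumes the RSAT ActiveDirectory module is installed and that the join account is delegated rights on the target OU only.

```powershell
# Added example, not the article's code. Assumes the RSAT ActiveDirectory module
# and a join account delegated to create computer objects in the target OU only.
function Add-AcmeComputerToOU {   # hypothetical name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string[]]$ComputerName,
        [Parameter(Mandatory)][string]$Domain,
        [Parameter(Mandatory)][string]$OUPath,            # OU distinguished name
        [Parameter(Mandatory)][pscredential]$Credential,  # from Get-Credential, never hard-coded
        [int]$TimeoutSeconds = 600                        # hypothetical parameter
    )
    Import-Module ActiveDirectory -ErrorAction Stop

    # Fail before touching any machine if the OU is missing or mistyped.
    try {
        $null = Get-ADOrganizationalUnit -Identity $OUPath -Server $Domain `
            -Credential $Credential -ErrorAction Stop
    } catch {
        throw "Cannot verify OU [$OUPath] in [$Domain]: $($_.Exception.Message)"
    }

    foreach ($computer in $ComputerName) {
        if (-not (Test-Connection -ComputerName $computer -Quiet -Count 1)) {
            Write-Warning "Could not ping computer [$computer]"
            continue
        }
        if (-not $PSCmdlet.ShouldProcess($computer, "Join $Domain in $OUPath")) { continue }
        try {
            Add-Computer -ComputerName $computer -DomainName $Domain -OUPath $OUPath `
                -Credential $Credential -Restart -ErrorAction Stop
        } catch {
            Write-Warning "[$computer] join failed: $($_.Exception.Message)"
            continue   # no reboot will happen, so do not wait for one
        }
        # Bounded wait: the host must drop off the network and then answer again.
        $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
        $wentDown = $false
        do {
            Start-Sleep -Seconds 5
            $up = Test-Connection -ComputerName $computer -Quiet -Count 1
            if (-not $up) { $wentDown = $true }
        } until (($wentDown -and $up) -or ((Get-Date) -gt $deadline))
        if ($wentDown -and $up) {
            Write-Information "[$computer] joined [$Domain] and is back" -InformationAction Continue
        } else {
            Write-Warning "[$computer] did not come back within $TimeoutSeconds seconds"
        }
    }
}
```

A ping reply only shows that the host rebooted; it does not confirm that the machine account landed in the intended OU.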
