Who doesn't love NETDOM?
This command-line tool enables administrators to manage Windows domains and trust relationships from the command line. This tool is very handy for scripted installs, updates, adds/removes, and general info gathering.
- Join a computer that runs Windows XP Professional or Windows Vista to a Windows Server 2008 or Windows Server 2003 or Windows 2000 or Windows NT 4.0 domain.
- Manage computer accounts for domain member workstations and member servers.
- Establish one-way or two-way trust relationships between domains.
- Manage trust relationships between domains.
- Verify or reset the secure channel between workstations/servers, BDCs (NT4), Server 2008/2003/2000 replicas
Command | Description |
---|---|
Netdom add | Adds a workstation or server account to the domain. |
Netdom computername | Manages the primary and alternate names for a computer. This command can safely rename Active Directory domain controllers as well as member servers. |
Netdom join | Joins a workstation or member server to a domain. The act of joining a computer to a domain creates an account for the computer on the domain, if it does not already exist. |
Netdom move | Moves a workstation or member server to a new domain. The act of moving a computer to a new domain creates an account for the computer on the domain, if it does not already exist. |
Netdom query | Queries the domain for information such as membership and trust. |
Netdom remove | Removes a workstation or server from the domain. |
Netdom movent4bdc | Renames a Windows NT 4.0 backup domain controller to reflect a domain name change. This can assist in Windows NT 4.0 domain renaming efforts. |
Netdom renamecomputer | Renames a domain computer and its corresponding domain account. Use this command to rename domain workstations and member servers only. To rename domain controllers, use the netdom computername command. |
Netdom reset | Resets the secure connection between a workstation and a domain controller. |
Netdom resetpwd | Resets the computer account password for a domain controller. |
Netdom trust | Establishes, verifies, or resets a trust relationship between domains. |
Netdom verify | Verifies the secure connection between a workstation and a domain controller. |
Examples
Here are a few examples that might be of some use. Some things you might not do every day, but you will be called upon from time to time to perform.
Join a Workstation or Member Server to a Domain
To join TheWorkStation to the my.example.com domain in the developers/workstations organizational unit, type the following at the command prompt:
netdom join /d:my.example.com TheWorkStation /OU:OU=developers,OU=Workstations,DC=myrootdomain,DC=com
Besides adding the computer account to the domain, the workstation is modified to contain the appropriate shared secret to complete the join operation.
Remove a Workstation or Member Server from a Domain
To remove TheWorkStation from the mydomain domain and make the workstation a part of a workgroup, type the following at the command prompt:
netdom remove /d:mydomain TheWorkStation /ud:mydomain\admin /pd:password
Verify a Workstation or Member Server Secure Channel
To verify the secure channel secret is maintained between TheWorkStation and developers.example.com, type the following at the command prompt:
netdom verify /d:developers.example.com TheWorkStation
View All Workstation Members in a Domain
To list all the workstations in the domain MyWindowsDomain, type the following at the command prompt:
netdom query /d:MyWindowsDomain WORKSTATION
View All Server Members in a Domain
To list all of the servers in MyWindowsDomain, type the following at the command prompt:
netdom query /d:MyWindowsDomain SERVER
View All Domain Controller Members in a Domain
To list all the domain controllers in the domain MyWindowsDomain, type the following at the command prompt:
netdom query /d:MyWindowsDomain DC
View All Organizational Unit Members in a Domain
To list all of the OUs in developers.domain.com, type the following at the command prompt:
netdom query /d:developers.domain.com OU
Rename a Domain Cmoputer
To rename domain workstations and member servers only. To rename domain controllers, use the netdom computername command.
netdom renamecomputer MyOldName /newname:MyNewName.example.com /userd:administrator
Rename Active Directory Domain Controllers
Manage the primary and alternate names for a computer. This command can safely rename Active Directory domain controllers as well as member servers. Before you can make a name the primary name of a computer, that name must exist as an alternate. To give an alternate name for the domain controller DC in the example.com domain, use the following syntax:
netdom computername dc /add:altDC.example.com
Then, use the following to rename the domain controller:
netdom computername dc /makeprimary:altdc.example.com
About this post
Posted: 2011-07-03
By: dwirch
Viewed: 8,109 times
Categories
Windows Commandline
Networking
Active Directory
Windows Server
Attachments
Loading Comments ...
Comments
No comments have been added for this post.
Sorry. Comments are frozen for this article. If you have a question or comment that relates to this article, please post it in the appropriate forum.