fortypoundhead.com

Who doesn't love NETDOM?

Posted On 2011-07-03 by dwirch
Keywords:
Tags: Active Directory Windows Commandline Networking Windows Server 2008 Windows Server 2003 Windows 2000
Views: 6720


This command-line tool enables administrators to manage Windows domains and trust relationships from the command line. This tool is very handy for scripted installs, updates, adds/removes, and general info gathering.

  • Join a computer that runs Windows XP Professional or Windows Vista to a Windows Server 2008 or Windows Server 2003 or Windows 2000 or Windows NT 4.0 domain.
  • Manage computer accounts for domain member workstations and member servers.
  • Establish one-way or two-way trust relationships between domains.
  • Manage trust relationships between domains.
  • Verify or reset the secure channel between workstations/servers, BDCs (NT4), Server 2008/2003/2000 replicas
Command Description
Netdom add Adds a workstation or server account to the domain.
Netdom computername Manages the primary and alternate names for a computer. This command can safely rename Active Directory domain controllers as well as member servers.
Netdom join Joins a workstation or member server to a domain. The act of joining a computer to a domain creates an account for the computer on the domain, if it does not already exist.
Netdom move Moves a workstation or member server to a new domain. The act of moving a computer to a new domain creates an account for the computer on the domain, if it does not already exist.
Netdom query Queries the domain for information such as membership and trust.
Netdom remove Removes a workstation or server from the domain.
Netdom movent4bdc Renames a Windows NT 4.0 backup domain controller to reflect a domain name change. This can assist in Windows NT 4.0 domain renaming efforts.
Netdom renamecomputer Renames a domain computer and its corresponding domain account. Use this command to rename domain workstations and member servers only. To rename domain controllers, use the netdom computername command.
Netdom reset Resets the secure connection between a workstation and a domain controller.
Netdom resetpwd Resets the computer account password for a domain controller.
Netdom trust Establishes, verifies, or resets a trust relationship between domains.
Netdom verify Verifies the secure connection between a workstation and a domain controller.

Examples

Here are a few examples that might be of some use. Some things you might not do every day, but you will be called upon from time to time to perform.

Join a Workstation or Member Server to a Domain

To join TheWorkStation to the my.example.com domain in the developers/workstations organizational unit, type the following at the command prompt:

netdom join /d:my.example.com TheWorkStation /OU:OU=developers,OU=Workstations,DC=myrootdomain,DC=com

Besides adding the computer account to the domain, the workstation is modified to contain the appropriate shared secret to complete the join operation.

Remove a Workstation or Member Server from a Domain

To remove TheWorkStation from the mydomain domain and make the workstation a part of a workgroup, type the following at the command prompt:

netdom remove /d:mydomain TheWorkStation /ud:mydomain\admin /pd:password

Verify a Workstation or Member Server Secure Channel

To verify the secure channel secret is maintained between TheWorkStation and developers.example.com, type the following at the command prompt:

netdom verify /d:developers.example.com TheWorkStation

View All Workstation Members in a Domain

To list all the workstations in the domain MyWindowsDomain, type the following at the command prompt:

netdom query /d:MyWindowsDomain WORKSTATION

View All Server Members in a Domain

To list all of the servers in MyWindowsDomain, type the following at the command prompt:

netdom query /d:MyWindowsDomain SERVER

View All Domain Controller Members in a Domain

To list all the domain controllers in the domain MyWindowsDomain, type the following at the command prompt:

netdom query /d:MyWindowsDomain DC

View All Organizational Unit Members in a Domain

To list all of the OUs in developers.domain.com, type the following at the command prompt:

netdom query /d:developers.domain.com OU

Rename a Domain Cmoputer

To rename domain workstations and member servers only. To rename domain controllers, use the netdom computername command.

netdom renamecomputer MyOldName /newname:MyNewName.example.com /userd:administrator

Rename Active Directory Domain Controllers

Manage the primary and alternate names for a computer. This command can safely rename Active Directory domain controllers as well as member servers. Before you can make a name the primary name of a computer, that name must exist as an alternate. To give an alternate name for the domain controller DC in the example.com domain, use the following syntax:

netdom computername dc /add:altDC.example.com

Then, use the following to rename the domain controller:

netdom computername dc /makeprimary:altdc.example.com


About the Author

dwirch has posted a total of 173 articles.

You can find more information from dwirch by visiting http://www.derekwirch.com.


Comments On This Post

No comments on this post yet!


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.198.233.27

Before you can post, you need to prove you are human. If you log in, this test goes away.



Recent Forum Posts

Fold Code Manager into main KB?
VB6Boy posted on July 22, 2017 at about 14:42 in Site News

Fold Code Manager into main KB?
dwirch posted on July 22, 2017 at about 14:41 in Site News

Fold Code Manager into main KB?
dwirch posted on July 21, 2017 at about 22:46 in Site News

Fold Code Manager into main KB?
dwirch posted on July 20, 2017 at about 7:55 in Site News

Job Spammer: Sam Mallon
dwirch posted on July 18, 2017 at about 18:36 in Spammers

When setting up a certificate authority ...
dwirch posted on July 13, 2017 at about 9:07 in General