Join a Computer to a domain with VBScript

Posted On 2013-10-21 by dwirch
Tags: VBScript Scripting Tip Windows Windows Server 2012 Windows Server 2008
Views: 1884

When deploying large numbers of computers, there are several methods of joining a machine to a domain.  Since I am a big fan of VBScript (shhh!), I use this method to join the machine.

This VBScript works in all version of Windows, from Win95 to present day. You should be able to inject this machine at the end of your deployment process in order to automatically join it to the domain after deployment.

I know this is magic by any means, but I've been asked for it more than twice, so here it is for everyone.  Any questions, post a comment here or in the forums.

Const WIN9X_UPGRADE = 16
strDomain = "YourDomainName"
strPassword = "ServiceAccountPassword"
strUser = "ServiceAccount"
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
strComputer & "'")
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
strPassword, strDomain & "\" & strUser, NULL, _

What's Happening

The first section of the script sets some constants.  Not all of these constants are needed for this short little script, but I've included them all here for completeness.  The only two that are used for this function are Join_Domain and Acct_Create.  These are pretty self explanatory, I think.

The second section sets up some variables, namely the domain name you are joining to, and authentication information (username and password) for an account that the necessary permissions to join a machine to the domain.  Note that you should not utilize an account that has elevated permissions.  This account should be a domain user that does not have the "10-join limit" of regular accounts.  In all other aspects, the account shouldn't have any further rights.  Not even interactive login permissions. Why?  Because you're storing the authentication information in plain text, in a file.

Next, we are grabbing the name of the local computer, and setting up impersonation.  This will be used in the join/create operation.

Finally, the join/create operation is executed, with the returned success/fail value stored in a variable, in case you want to perform some other function depending on the outcome of the operation.

About the Author

dwirch has posted a total of 173 articles.

You can find more information from dwirch by visiting

Comments On This Post

By: AnonymousCoward
Date: 2016-04-21

I noticed that the code there maybe compatible with windows 7 or lower. Would the same code be used for Windows 10 or is there any modifications to the script? I tried to make chanes to the script whilst trying to run it on a windows 10 PC and so far nothing has happened. The most i got was a message sayig return value = 5, I clicked ok and it shutdown on me. Does anyone know a solution?

Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.

Your IP address is:

Before you can post, you need to prove you are human. If you log in, this test goes away.

Recent Forum Posts

Fold Code Manager into main KB?
VB6Boy posted on July 22, 2017 at about 14:42 in Site News

Fold Code Manager into main KB?
dwirch posted on July 22, 2017 at about 14:41 in Site News

Fold Code Manager into main KB?
dwirch posted on July 21, 2017 at about 22:46 in Site News

Fold Code Manager into main KB?
dwirch posted on July 20, 2017 at about 7:55 in Site News

Job Spammer: Sam Mallon
dwirch posted on July 18, 2017 at about 18:36 in Spammers

When setting up a certificate authority ...
dwirch posted on July 13, 2017 at about 9:07 in General