Best practices for linking to the domain - Delegation and pre-staging
To support me, you can subscribe to the channel, share and like the videos, disable your ad blocker or make a donation. Thank you!
Hello,
Best practices for domain joins - Delegation and pre-staging
Following a change to the domain junction reinforcement, this video requires an update
Presentation of different alternatives for joining an Active Directory domain:
How to join an Active Directory domain with System Properties (1/9)
Best domain joining practices - Delegation and pre-staging (2/9)
How to join an Active Directory domain using the Settings Menu (3/9)
How to join an Active Directory domain using PowerShell (4/9)
How to join an Active Directory domain with djoin (offline) (5/9)
How to join an Active Directory domain with netdom (6/9)
How to join an Active Directory domain with DSC (7/9)
How to join an Active Directory domain with ICD (8/9)
How to join an Active Directory domain with MDT (9/9)
Delegate from the command line (on an OU)
#Import du module ADImport-module activedirectory
# Nom de l'OU Ordinateurs$OUOrdinateursName = 'Ordinateurs'# Nom de l'OU Groupes$OUGroupesName = 'Groupes'# Distinguished name du domaine$DomaineDN = (Get-ADDomain).distinguishedname# Nom du groupe$GPName = 'DL-Join'
# Création de l'OU Ordinateurs$OrdinateursOU = New-ADOrganizationalUnit $OUOrdinateursName -Path $DomaineDN -PassThru# Création de l'OU Groupes$GroupesOU = New-ADOrganizationalUnit $OUGroupesName -Path $DomaineDN -PassThru# Création du groupeNew-ADGroup $GPName -GroupCategory security -GroupScope domainlocal -Path $GroupesOU.distinguishedname# Création un objet ordinateur :New-adcomputer pc-demo -path $OrdinateursOU.distinguishedname
# Autoriser un groupe à joindre un ordinateur au domaine sur une OU. Avec héritage des droits :# $OrdinateursOU.distinguishedname correspond au distinguished name de l'OU.dsacls $OrdinateursOU.distinguishedname /I:S /G $GPName":WS;Validated write to DNS host name;computer"dsacls $OrdinateursOU.distinguishedname /I:S /G $GPName":WS;Validated write to service principal name;computer"dsacls $OrdinateursOU.distinguishedname /I:S /G $GPName":CA;Reset Password;computer"dsacls $OrdinateursOU.distinguishedname /I:S /G $GPName":WP;Account Restrictions;computer"
# Il est aussi possible d'ajouter les droits de création de l'ordinateur dans l'OUdsacls $OrdinateursOU.distinguishedname /I:T /G $GPName`:CC; computerVous pouvez changer l’emplacement par défaut pour les ordinateurs
Puis sur le contrôleur de domaine principal, dans un cmd ou PowerShell :
redircmp ‘DN de l’OU’
# Exemple :
redircmp ‘ou=ordinateurs,dc=domaine,dc=tld’
Video : Best practices for linking to the domain - Delegation and pre-staging
Related links
The difference between updates and upgrades
A video to explain the terms upgrade, update, quality update and functionality updateWindows - How to run a memory test to detect faulty RAM
Windows - How to run a memory test to detect faulty RAMFix an Active Directory sign-on approval relationship error
How to fix a sign-on approval relationship error in Active DirectoryHow to create a multiboot USB key with the Ventoy tool
It's useful to have a multiboot USB stick containing operating system images or troubleshooting tools that you can boot from if you need toHow to clean and repair the Windows Component Store
The c:\Windows\Installer folder contains installation files (in MicroSoft Installer, MSI, format) for software installed on your machine5 ways to achieve Windows recovery (WinRe) on Windows 10 and 1
5 ways to achieve Windows recovery (WinRe) on Windows 10 and 11
Follow me on
Support me
Last content
Powershell - Testing network connectivity and port accessibility
Powershell - Display network connections (equivalent to netstat)
Powershell - Testing name resolution (equivalent to nslookup)
Powershell - View and manage DNS configuration of network interfaces
Powershell - Managing IP configuration of network interfaces
Powershell - Managing the status and configuration of network interfaces
Powershell and the Left Hand Side
Powershell - Managing disks, partitions and volumes