Joining machines to a domain without credentials

Ever heard of djoin.exe? Most people haven’t come across this built-in command line utility from Microsoft. This tool joins a computer account to a domain without the need to connect to the corporate network.

How does it work?

Create a new computer account for the machine you want to add to the domain

Djoin is ran on the domain controller, this creates a base-64 encoded blob in a text file and creates the trust relationship.

Take the file to the computer that you need to join to the domain and run djoin on it. then restart the machine.

What’s the process?

1. On the Domain Controller, run the command below. This creates the computer account in Active Directory. The output is a txt file.

djoin /provision /domain "" /machine "WKS-001" /savefile "C:\djoinfiles\WKS-001.txt" 

2. On the computer that you want to join to the Domain, copy the file you created on the DC to the machine. Then run the code below. After, reboot the machine.

djoin /requestODJ /loadfile "C:\WKS-001.txt" /windowspath %systemroot% /localos

This is so useful for a couple of situations:

1, if you are not connected to the domain, an offline domain join.

2, if you as an administrator do not want to give out credentials to a non-admin user to join a machine to the domain.

Thats it, job done.