Question. I want to add a laptop to an existing AD
domain. There is an existing account which has admin
rights (administrator login). I will also need to set the
laptop up so that I have admin rights on it when using my
username (joe). Can someone outline the steps
needed to do all of this please? Does my computer name
need to be set in AD or can I name it anything? I want to
be able to connect to the domain so I can install some
software from a Network drive. Any help would be GREATLY
appreciated!

Thanks!
Joe

"joe" wrote in message
news:1328201c41940$af69bbc0$a001280a@phx.gbl...
> Question. I want to add a laptop to an existing AD
> domain. There is an existing account which has admin
> rights (administrator login). I will also need to set the
> laptop up so that I have admin rights on it when using my
> username (joe). Can someone outline the steps
> needed to do all of this please? Does my computer name
> need to be set in AD or can I name it anything? I want to
> be able to connect to the domain so I can install some
> software from a Network drive. Any help would be GREATLY
> appreciated!

BTW
Connecting to the domain from your user account on the
domain doesn't not necessary require "logon onto the machine
with a domain account."

net use * \\server\share * /user:DomainName\UserName

(You may substitute ServerName for DomainName if you have
an account on the server itself instead.)

For you actual question:

Logon to it as the MACHINE Admin, use the system
control panel to join the machine to the domain. If the
computer account doesn't exist yet, you must either have
an Admin etc. create it on the domain OR you must have
domain admin credentials to use (type in) during the
addition from the machine.

After successfully adding the computer, use it's Computer
Manger (etc) to add your Domain account to the local
computer Administrators group etc.


--
Herb Martin
>
> Thanks!
> Joe
>

In news:OeSPS$VGEHA.2436@TK2MSFTNGP09.phx.gbl,
Herb Martin posted their thoughts, then I offered mine[color=blue]
> "joe" wrote in message
>
> BTW
> Connecting to the domain from your user account on the
> domain doesn't not necessary require "logon onto the machine
> with a domain account."
>
> net use * \\server\share * /user:DomainName\UserName
>
> (You may substitute ServerName for DomainName if you have
> an account on the server itself instead.)
>
> For you actual question:
>
> Logon to it as the MACHINE Admin, use the system
> control panel to join the machine to the domain. If the
> computer account doesn't exist yet, you must either have
> an Admin etc. create it on the domain OR you must have
> domain admin credentials to use (type in) during the
> addition from the machine.
>
> After successfully adding the computer, use it's Computer
> Manger (etc) to add your Domain account to the local
> computer Administrators group etc.
>[/color]



Just to add, by default a user account can join a machine to a domain (if
the computer acct was pre-created by an admin) up to 20 times, which this
default setting can be altered with ADSIEdit.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

Ace,

Was that setting changed? I *thought* that it was 10? Oh well, looks like
I missed that memo! ;-)

Cary

"Ace Fekay [MVP]"
wrote in
message news:eSeY3faGEHA.2980@TK2MSFTNGP09.phx.gbl...[color=blue]
> In news:OeSPS$VGEHA.2436@TK2MSFTNGP09.phx.gbl,
> Herb Martin posted their thoughts, then I offered[/color]
mine[color=blue][color=green]
> > "joe" wrote in message
> >
> > BTW
> > Connecting to the domain from your user account on the
> > domain doesn't not necessary require "logon onto the machine
> > with a domain account."
> >
> > net use * \\server\share * /user:DomainName\UserName
> >
> > (You may substitute ServerName for DomainName if you have
> > an account on the server itself instead.)
> >
> > For you actual question:
> >
> > Logon to it as the MACHINE Admin, use the system
> > control panel to join the machine to the domain. If the
> > computer account doesn't exist yet, you must either have
> > an Admin etc. create it on the domain OR you must have
> > domain admin credentials to use (type in) during the
> > addition from the machine.
> >
> > After successfully adding the computer, use it's Computer
> > Manger (etc) to add your Domain account to the local
> > computer Administrators group etc.
> >[/color]
>
>
>
> Just to add, by default a user account can join a machine to a domain (if
> the computer acct was pre-created by an admin) up to 20 times, which this
> default setting can be altered with ADSIEdit.
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
> --
> =================================
>
>[/color]

In news:%238Svc2aGEHA.2612@TK2MSFTNGP09.phx.gbl,
Cary Shultz [A.D. MVP] posted their thoughts, then I
offered mine[color=blue]
> Ace,
>
> Was that setting changed? I *thought* that it was 10? Oh well,
> looks like I missed that memo! ;-)
>
> Cary[/color]

It was an ivisible memo... :-)

Darn, could have sworn it was 20. So you got me curious and had to remote
into my DC to verify it! LOL Yep! 10. Should have checked first.... :-) I
think 20 stuck to mind with a post one day last year where that poster
wanted to change it to 20, or something like that!

(FYI for the poster, this can be found by going into ADSI Edit, under the
Domain NC, rt-click your domain name properties, the 'Optional' attribute to
look for is called Ms-DS-MachineAccountQuota.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

"Ace Fekay [MVP]"
wrote in
message[color=blue]
> Just to add, by default a user account can join a machine to a domain (if
> the computer acct was pre-created by an admin) up to 20 times, which this
> default setting can be altered with ADSIEdit.[/color]

Curious: Is that a rule about the "user can create computer accounts"
feature? Only if the Admin created the user? (As opposed to Account
Operator etc.?)

BTW: I thought it was 10 (not 20) but that isn't a big deal either way.

--
Herb Martin

The default is 10. I was just dealing with this a week ago.

Cary Shultz [A.D. MVP] wrote:[color=blue]
> *Ace,
>
> Was that setting changed? I *thought* that it was 10? Oh well
> looks like
> I missed that memo! ;-)
>
> Cary
>
> "Ace Fekay [MVP]"
> wrot
> in
> message news:eSeY3faGEHA.2980@TK2MSFTNGP09.phx.gbl...[color=green]
> > In news:OeSPS$VGEHA.2436@TK2MSFTNGP09.phx.gbl,
> > Herb Martin posted their thoughts, then[/color]
> offered
> mine[color=green]
> >
> >
> >
> > Just to add, by default a user account can join a machine to[/color]
> domain (if[color=green]
> > the computer acct was pre-created by an admin) up to 20 times[/color]
> which this[color=green]
> > default setting can be altered with ADSIEdit.
> >
> > --
> > Regards,
> > Ace
> >
> > Please direct all replies to the newsgroup so all can benefit.
> > This posting is provided "AS-IS" with no warranties and confers no
> > rights.
> >
> > Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> > Microsoft Windows MVP - Active Directory
> > --
> > =================================
> >
> >[/color][/color]


-
phillip pin
-----------------------------------------------------------------------
Posted via [url]http://www.mcse.m[/url]
-----------------------------------------------------------------------
View this thread: [url]http://www.mcse.ms/message534385.htm[/url]

In news:OoReADeGEHA.3576@tk2msftngp13.phx.gbl,
Herb Martin posted their thoughts, then I offered mine[color=blue]
> "Ace Fekay [MVP]"
> wrote in
> message[color=green]
>> Just to add, by default a user account can join a machine to a
>> domain (if the computer acct was pre-created by an admin) up to 20
>> times, which this default setting can be altered with ADSIEdit.[/color]
>
> Curious: Is that a rule about the "user can create computer accounts"
> feature? Only if the Admin created the user? (As opposed to Account
> Operator etc.?)
>
> BTW: I thought it was 10 (not 20) but that isn't a big deal either
> way.[/color]


yeah yeah, it's 10. The admin has to create the computer account in AD
first...
--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

In news:phillip.pino.1467n1@mail.mcse.ms,
phillip pino posted their thoughts, then
I offered mine[color=blue]
> The default is 10. I was just dealing with this a week ago.
>[/color]

Ok.... I should have checked first before I posted it and getting ribbed
about it...

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

> > Curious: Is that a rule about the "user can create computer accounts"[color=blue][color=green]
> > feature? Only if the Admin created the user? (As opposed to Account
> > Operator etc.?)
> >
> > BTW: I thought it was 10 (not 20) but that isn't a big deal either
> > way.[/color]
> yeah yeah, it's 10. The admin has to create the computer account in AD
> first...[/color]

I don't care about the 10 (20 whatever) -- of course the count has to
be created, but I thought you were implying that it ONLY worked if
an Admin (specifically) not someone else created the account.

I now believe that was just an accident of your wording and could
have been, "If the user has an account" (irrelevant of how it was
created.)

--
Herb Martin
"Ace Fekay [MVP]"
wrote in
message news:Ovot$jhGEHA.688@tk2msftngp13.phx.gbl...[color=blue]
> In news:OoReADeGEHA.3576@tk2msftngp13.phx.gbl,
> Herb Martin posted their thoughts, then I offered[/color]
mine[color=blue][color=green]
> > "Ace Fekay [MVP]"
> > wrote in
> > message[color=darkred]
> >> Just to add, by default a user account can join a machine to a
> >> domain (if the computer acct was pre-created by an admin) up to 20
> >> times, which this default setting can be altered with ADSIEdit.[/color]
> >[/color]
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
> --
> =================================
>
>[/color]

Ace,

No worries from me. I am the last person to be ribbing you!

Cary

"Ace Fekay [MVP]"
wrote in
message news:%23JJynkhGEHA.1264@TK2MSFTNGP10.phx.gbl...[color=blue]
> In news:phillip.pino.1467n1@mail.mcse.ms,
> phillip pino posted their thoughts,[/color]
then[color=blue]
> I offered mine[color=green]
> > The default is 10. I was just dealing with this a week ago.
> >[/color]
>
> Ok.... I should have checked first before I posted it and getting ribbed
> about it...
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
> --
> =================================
>
>[/color]

Dang!

Wanted to add a bit more to the previous post!

I sometimes try to give short answers ( I do tend to be a bit verbose ) and
find that this is a bad idea for me. I will leave out a word or two that
should have been included which changes the meaning of the answer. Case in
point: the question about NetBIOS sometime in the last seven days. I
answered that NetBIOS is stopped at the router. We all know that this is
not completely accurate. We know that it is the NetBIOS *broadcast* that is
*typically* stopped at the router. That would have been a much better
response. My first response was something like authoritative: It is STOPPED
at the router! There are no two ways about it! Period! Well, not
completely true!

As Herb said, it is not really that big a deal.

Cary

"Ace Fekay [MVP]"
wrote in
message news:%23JJynkhGEHA.1264@TK2MSFTNGP10.phx.gbl...[color=blue]
> In news:phillip.pino.1467n1@mail.mcse.ms,
> phillip pino posted their thoughts,[/color]
then[color=blue]
> I offered mine[color=green]
> > The default is 10. I was just dealing with this a week ago.
> >[/color]
>
> Ok.... I should have checked first before I posted it and getting ribbed
> about it...
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
> --
> =================================
>
>[/color]

In news:%23zTItBlGEHA.2428@tk2msftngp13.phx.gbl,
Cary Shultz [A.D. MVP] posted their thoughts, then I
offered mine[color=blue]
> Dang!
>
> Wanted to add a bit more to the previous post!
>
> I sometimes try to give short answers ( I do tend to be a bit
> verbose ) and find that this is a bad idea for me. I will leave out
> a word or two that should have been included which changes the
> meaning of the answer. Case in point: the question about NetBIOS
> sometime in the last seven days. I answered that NetBIOS is stopped
> at the router. We all know that this is not completely accurate. We
> know that it is the NetBIOS *broadcast* that is *typically* stopped
> at the router. That would have been a much better response. My
> first response was something like authoritative: It is STOPPED at the
> router! There are no two ways about it! Period! Well, not
> completely true!
>
> As Herb said, it is not really that big a deal.
>
> Cary
>[/color]

I know, I do the same thing. I meant to put a LOL at the end of my other
post! I hope you didn't think I was serious....

:-)


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

In news:ex41iLkGEHA.3772@TK2MSFTNGP12.phx.gbl,
Herb Martin posted their thoughts, then I offered mine[color=blue][color=green]
>> yeah yeah, it's 10. The admin has to create the computer account in
>> AD first...[/color]
>
> I don't care about the 10 (20 whatever) -- of course the count has to
> be created, but I thought you were implying that it ONLY worked if
> an Admin (specifically) not someone else created the account.
>
> I now believe that was just an accident of your wording and could
> have been, "If the user has an account" (irrelevant of how it was
> created.)
>[/color]

I mis-worded it. You got it!

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

Nope,

As the younger people say these days, Ace - it's all good! ;-)

Cary

"Ace Fekay [MVP]"
wrote in
message news:uxFX2DmGEHA.2576@TK2MSFTNGP11.phx.gbl...[color=blue]
> In news:%23zTItBlGEHA.2428@tk2msftngp13.phx.gbl,
> Cary Shultz [A.D. MVP] posted their thoughts, then I
> offered mine[color=green]
> > Dang!
> >
> > Wanted to add a bit more to the previous post!
> >
> > I sometimes try to give short answers ( I do tend to be a bit
> > verbose ) and find that this is a bad idea for me. I will leave out
> > a word or two that should have been included which changes the
> > meaning of the answer. Case in point: the question about NetBIOS
> > sometime in the last seven days. I answered that NetBIOS is stopped
> > at the router. We all know that this is not completely accurate. We
> > know that it is the NetBIOS *broadcast* that is *typically* stopped
> > at the router. That would have been a much better response. My
> > first response was something like authoritative: It is STOPPED at the
> > router! There are no two ways about it! Period! Well, not
> > completely true!
> >
> > As Herb said, it is not really that big a deal.
> >
> > Cary
> >[/color]
>
> I know, I do the same thing. I meant to put a LOL at the end of my other
> post! I hope you didn't think I was serious....
>
> :-)
>
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
> --
> =================================
>
>[/color]

In news:usrwnpmGEHA.2664@TK2MSFTNGP11.phx.gbl,
Cary Shultz [A.D. MVP] posted their thoughts, then I
offered mine[color=blue]
> Nope,
>
> As the younger people say these days, Ace - it's all good! ;-)
>
> Cary[/color]

It's al good!
:-)

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================