Joining a domain as a workstation

Auto Zone is created automatically in Active Directory if you join a domain by running the adjoin command with the --workstation option.

What to do before joining Auto Zone

Before joining a computer to Auto Zone, be certain that the following are true:

  • Active Directory identities are unique for the forest and any two-way trusted forest.

  • The Active Directory users and groups require a single set of properties for all computers that join the domain through Auto Zone and do not need to be segregated into zones for any reason.

  • All domains in the forest and any trusted external forest must be unique or the join will fail. In this case, you must manually configure a unique prefix for each trusted domain using configuration parameters.

Who should perform this task

A Linux or UNIX administrator with root permission on the computers you want to join to an Active Directory domain. The administrator must also know the password for an Active Directory domain administrator account.

How often you should perform this task

In most cases, you only do this once for each Linux or UNIX computer that needs to join an Active Directory domain as a workstation.

Rights required for this task

You must have an account with root permission to modify agent configuration files on managed computers or an administrative account with write permission to enable group policies on a Group Policy Object linked to a domain or organizational unit.

Steps for completing this task

The following instructions illustrate how to join Auto Zone using the adjoin command.

To join a computer to a domain as a workstation

  1. Log on the computer with the Delinea Agent using an account with root privilege.

  2. Open a terminal and execute the following command:

    adjoin domainName --workstation

    For example:

    [root@rhe5]#adjoin acme.com --workstation

  3. Type the Active Directory administrator’s password.

    Administrator@ACME.COM’s password:

    Using domain controller: win-f7d27u7kl6m.acme.com writable=true
    Join to domain:acme.com, zone: Auto Zone successful

  4. Run the adinfo command to verify the connection to Auto Zone:

    [root@rhe5]# adinfo
    Local host name: rhe5
    Joined to domain: acme.com
    Joined as: rhe5.acme.com
    Pre-win2K name: rhe5
    Current DC: win-f72d7u7kl6m.acme.com
    Preferred site: Default-First-Site
    Zone: Auto Zone
    Last password set: 2012-09-30 18:08:34 PDT
    CentrifyDC mode: connected
    Licensed Features: Enabled