This article was co-authored by Stan Kats and by wikiHow staff writer, Nicole Levine, MFA. Stan Kats is a Professional Technologist and the COO and Chief Technologist for The STG IT Consulting Group in West Hollywood, California. Stan provides comprehensive technology solutions to businesses through managed IT services, and for individuals through his consumer service business, Stan's Tech Garage. Stan holds a BA in International Relations from The University of Southern California. He began his career working in the Fortune 500 IT world. Stan founded his companies to offer an enterprise-level of expertise for small businesses and individuals.
This article has been fact-checked, ensuring the accuracy of any cited facts and confirming the authority of its sources.
This article has been viewed 177,441 times.
Do you need to connect a computer or server to your organization's Active Directory domain? To join a domain on Windows 10, Windows 11, and earlier, you'll need to have the Pro, Education, or Enterprise edition version of the operating system. On a Mac, you can join a domain using the Directory Utility tool. This wikiHow guide will teach you how to join a computer to a domain in a few simple steps.
How to Join Domain Win10
In Windows, join a domain in System Properties (sysdm.cpl) > Change > Domain. On a Mac, go to Directory Utility > Services and select Active Directory > to add the domain information.
Steps
-
Open the System Properties panel. You can do this on any version of Windows, including Windows 11 and Windows 10, from the Windows search bar. Here's how:
- Click the magnifying glass or search bar at the bottom of the screen or press the Windows key on your keyboard.
- Type sysdm.cpl and press Enter.
- The System Properties panel will automatically open to the Computer Name tab.
-
Click the Change… button. You will find this button in the lower-right corner.[1]Advertisement
-
Select the Domain option. You will find this option below the "Member of" heading at the bottom of the pop-up window.
- If this option is grayed out, your version of Windows is not able to join a domain. You will need Pro, Enterprise, Education, or Ultimate (if using Windows 7 and earlier) to join a domain.
-
Click the OK button. This will save the domain address.
-
Log in to the domain. When prompted, you'll need to provide the username and password of an account that has permission to join the domain. If you're not sure which account to use, contact your domain's administrator.
-
Restart your computer. Once you join the domain, you'll see a welcome message. After that, you'll be prompted to restart your computer to apply the changes. Your computer will automatically connect to the specified domain after you restart.[3]
-
Open Directory Utility on your Mac. If you need to join a Mac to an AD domain, you can do so in Directory Services. To get there, just type directory utility into Spotlight search, then click Directory Utility in the search results.[4]
-
Click Services. It's at the top of the window.
-
Click the lock icon and sign in. You will need to unlock Directory Utility with your administrator-level account (or use Touch ID) to join a domain.[5]
-
Select "Active Directory" and click the pencil icon. This allows you to edit your Active Directory domain settings.
-
Enter the domain hostname. If you're not sure what to enter here, contact your network administrator.
-
Enter a computer ID if needed. By default, your Mac will be identified by its regular host name. If you want to use a different hostname for the Active Directory domain, enter it into the "Computer ID" field. There are two situations in which you might need or want to use a computer ID:
- If your organization has specific host naming conventions and you don't want to change your Mac's actual name.
- If your Mac's hostname contains a hyphen, you won't be able to bind to a domain. In this case, enter a new computer ID that doesn't have a hyphen.
-
Set your additional options. If you need to make additional changes, you can click the triangle next to "Show Options" to expand more options.
- On the User Experience panel, you can set up mobile user accounts, home folders, and more.
- On the Mappings panel, you can map group IDs and user IDs to Active Directory attributes.[6]
- On the Administrative panel, you can set this domain as your preferred controller, control whether AD admins have admin privileges on your Mac, and choose which domain users can connect to your Mac at all.
-
Click Bind. You'll then be prompted to enter additional information.
-
Enter the requested details and click OK. On this screen, you'll need to enter:
- The username and password of an Active Directory account that has permission to join a computer to a domain.
- The computer's OU (organizational unit).
- Choose whether you want to add Active Directory to the Mac's authentication and contacts search policies.
- Once you click OK, this will confirm the domain information and add your Mac to the domain.
Expert Q&A
-
QuestionHow do you add a computer to a domain in Windows 8?Stan KatsStan Kats is a Professional Technologist and the COO and Chief Technologist for The STG IT Consulting Group in West Hollywood, California. Stan provides comprehensive technology solutions to businesses through managed IT services, and for individuals through his consumer service business, Stan's Tech Garage. Stan holds a BA in International Relations from The University of Southern California. He began his career working in the Fortune 500 IT world. Stan founded his companies to offer an enterprise-level of expertise for small businesses and individuals.
Professional TechnologistUnfortunately, you can't do this in Windows 8. It has to be Windows 10 pro or enterprise. -
QuestionCan a domain user join a computer to the domain?Stan KatsStan Kats is a Professional Technologist and the COO and Chief Technologist for The STG IT Consulting Group in West Hollywood, California. Stan provides comprehensive technology solutions to businesses through managed IT services, and for individuals through his consumer service business, Stan's Tech Garage. Stan holds a BA in International Relations from The University of Southern California. He began his career working in the Fortune 500 IT world. Stan founded his companies to offer an enterprise-level of expertise for small businesses and individuals.
Professional TechnologistIt depends on the user's permissions. If the account on the computer has authorization, they'll be able to doo it. If they don't, they won't be able to. -
QuestionHow do I prevent others from joining a computer to a domain?Stan KatsStan Kats is a Professional Technologist and the COO and Chief Technologist for The STG IT Consulting Group in West Hollywood, California. Stan provides comprehensive technology solutions to businesses through managed IT services, and for individuals through his consumer service business, Stan's Tech Garage. Stan holds a BA in International Relations from The University of Southern California. He began his career working in the Fortune 500 IT world. Stan founded his companies to offer an enterprise-level of expertise for small businesses and individuals.
Professional TechnologistThe user that's trying to join the domain will need permission to join. So long as you haven't changed the settings to allow any computer to join, this shouldn't be a problem.
Video
Tips
References
- ↑ Stan Kats. Cybersecurity Expert. Expert Interview. 24 June 2021.
- ↑ Stan Kats. Cybersecurity Expert. Expert Interview. 24 June 2021.
- ↑ Stan Kats. Cybersecurity Expert. Expert Interview. 24 June 2021.
- ↑ https://support.apple.com/guide/directory-utility/open-directory-utility-diru75d3eaa7/mac
- ↑ https://support.apple.com/guide/directory-utility/configure-domain-access-diru11f4f748/mac
- ↑ https://support.apple.com/guide/directory-utility/map-group-primary-gid-uid-active-directory-diru0f42005a/6.3/mac/13.0