LogoLogo
  • Welcome
  • StifleR
  • 2PXE Server
  • iPXE WS
  • OSD Toolkit
  • DeployR
  • Introduction
    • Your DeployR guide
  • SETUP
    • Prerequisites
    • Installation
    • Securing
      • Entra ID authentication
      • Passcode authentication
      • Certificate authentication
      • Anonymous authentication
      • Other security settings
  • Generate Windows PE Boot Images
  • Generate Linux Boot Images
  • Configuring PXE booting
    • Using 2PXE
    • Using 2PXE with iPXE Anywhere Web Service
    • Using WDS or third-party PXE servers
  • Microsoft Graph API access
  • Getting Started
    • Creating a Content Item
      • Applications
      • Driver packs
      • Operating system
    • Creating a Task Sequence
    • Performing a Bare Metal Deployment
  • Starting a task sequence in an existing OS
  • Running a task sequence from Intune
  • Reference
    • Step Definitions
      • Apply ChromeOS Flex
      • Apply IGEL image
      • Apply operating system
      • Apply operating system from cloud
      • Capture image
      • Configure operating system
      • Enable Administrator account
      • Enable BranchCache
      • Format disk
      • Inject driver pack
      • Inject drivers
      • Inject drivers from cloud
      • Install application
      • Install multiple applications
      • Install updates
      • Offline domain join
      • Prepare for capture
      • Prepare operating system
      • Reboot
      • Run command line
      • Run PowerShell script
      • Run task sequence
      • Set variable
    • Task Sequence Templates
      • Windows bare metal
      • Windows bare metal from cloud
      • Windows build and capture
      • Autopilot from cloud
      • Autopilot pre-provisioning
      • ChromeOS Flex
      • IGEL 12
  • PowerShell Modules
  • Task Sequence Variables
Powered by GitBook
On this page
  1. Reference
  2. Step Definitions

Offline domain join

PreviousInstall updatesNextPrepare for capture

Last updated 18 days ago

LogoLogo

About

  • Let's connect
  • Engineering team
  • Our story
  • Blog
  • Events
  • Youtube

Products

  • Product overview
  • RecoveR
  • DeployR
  • OSD Toolkit
  • iPXE Anywhere
  • StifleR
  • CacheR
  • MOM
  • RemoteR

Support

  • Resources
  • Knowledge base
  • 2Pint Software support
  • FAQs

Pricing

  • Private sector
  • Public sector
  • Services

© Copyright 2025 2Pint Software | All rights reserved

CtrlK

The Offline domain join step is used to join a computer to an Active Directory (AD) domain. The needed AD computer account will be created by the DeployR service, so the DeployR service account (typically the computer account) needs to be delegated the rights to perform this action. The resulting "offline domain join" blob is sent back to the device and injected to complete the join process.

Specify the naming pattern to use for the computer, the domain name (DNS), and optionally the OU path (e.g. "OU=My Computers"). Note that Windows does not support specifying containers (e.g. "CN=Computers", which is the default if no OU is specified).

For the computer naming pattern, any valid task sequence variable can be specified in the name, using the "%VARIABLENAME%" mechanism. You can also specify substrings from that value. Some examples:

  • %SERIALNUMBER:10% will select the first 10 characters of the SERIALNUMBER task sequence variable.

  • %MAKE:-5% will select the last 5 characters of the MAKE task sequence variable.

  • %RAND:8% will generate a random number eight digits long.

Note that the resulting computer name should be a valid Windows computer name (no spaces, limited special characters). If more complex names are required, these can be generated via a script that sets the COMPUTERNAME task sequence variable. When that value is set, it will override whatever is configured in this step.

If no computer name value is specified, "PC-%RAND:8%" will be used as a default.

To grant the DeployR server rights to join workstations to a domain:

  1. Open Group Policy Management on a system that has it installed.

  2. Double-click the name of the forest, double-click Domains, double-click the name of the domain in which you want to join a computer, right-click Default Domain Policy, and then click Edit.

  3. In the console tree, double-click Computer Configuration, double-click Policies, double-click Windows Settings, double-click Security Settings, double-click Local Policies, and then double-click User Rights Assignment.

  4. In the details pane, double-click Add workstations to domain.

  5. Select the Define these policy settings check box, click Add User or Group, and then click on Browse on the Add User or Group window.

  6. On the Select Users, Computers, Service Accounts, or Groups window, click on Object Types, select Computers, and then click OK.

  7. Type the name of the DeployR server, and then click OK twice.

The DeployR server should now have rights to join workstations to the domain.

Note: If the computer name specified already exists in Active Directory, the offline domain join will fail. This is a security precaution today, to ensure that the wrong computer is not disabled.