Insufficient data from Andrew Fryer

The place where I page to when my brain is full up of stuff about the Microsoft platform

Windows Server 2008 R2 Active Directory – Offline Domain Join

I was in Leeds yesterday at the Virtual machine User Group..


Alan and I were handing out a few Windows Server 2008 R2 architecture posters, when Tom Howarth  a well known virtual machine expert, spotted the Offline Domain Join feature.  He thought this would be really useful in provisioning client virtual machines for VDI.

In case you aren’t aware of this new feature in active directory, Offline Domain Join just does what it says and fortunately I was able to dust off an old screencast I made showing how this works back when Windows Server 2008 R2 was in beta..

This process can be applied as part of an unattend install script to create a client and simply allows it to be in the domain when it’s spun up for first use. 

Please also be aware of  a couple of extra things I didn’t call out in he screencast.

  • The file you create and apply to the offline client is NOT a text file, it’s obfuscated/encrypted so you can’t derive any useful information by opening it NotePad, or fiddle with it to use it on other clients.
  • While the DJOIN/ provision process will create a new entry in active directory it could then fail to create the file you specify if the path doesn’t exist.
  • I also noticed a /DOWNLEVEL switch for the DJOIN command so Tom could use this to offline his VMs to a Windows Server 2003 DC.

If you want to try this yourself there is also a good step by step guide on TechNet here