Use PowerShell to Replace netdom Commands to Join the Domain

Summary: Learn how to replace netdom commands with simple Windows PowerShell cmdlets to rename and reboot the computer or join the domain.

Hey, Scripting Guy! Question Hey, Scripting Guy! It seems that I have been hand building a number of computers recently for a computer lab we are setting up at work. I have written a batch file that uses netdom commands to join the domain. I also use a netdom command to rename the computer, and the shutdown command to restart the computer. The syntax for each of these three commands is rather complex and convoluted. A strange thing is that it seems I can do this on Windows Server R2, but I cannot do this on Windows 7. What gives?


Hey, Scripting Guy! Answer Hello AD,

Microsoft Scripting Guy, Ed Wilson, is here. Well this afternoon I am drinking something a bit different. I decided to make a cup of masala chai. (The word chai, or many of its variations, simply means tea in many languages. Therefore, to speak of chai tea is redundant.) Anyway, I decided to use Dajarling tea, brewed a little strong, and I added cloves, cardamom, a cinnamon stick, fresh ground pepper, and 1/3 cup of warm milk. Coupled with an Anzac biscuit, it was quite nice.

AD, the reason that you cannot use your batch file (containing netdom commands) on Windows 7 is that by default Windows 7 does not contain the netdom command. You can add netdom to your computer running Windows 7 by installing the latest version of the Remote Server Administration Tools (RSAT). When it is installed, you still need to go to Programs and Features and turn on the tools you want to load. The RSAT tools are great, and that is where you gain access to the Active Directory module. But you should not load the RSAT only to access netdom, because you can do what you want to accomplish out of the box (assuming that your box is not Windows 7 Home edition that does not join domains).

AD, your batch file contained at least three commands to rename the computer, join the domain, and to restart the machine. The two netdom commands and the shutdown command are shown here.

netdom renamecomputer member / /userd:administrator

netdom add /d:reskita mywksta /ud:mydomain\admin /pd:password

shutdown /r

In Windows PowerShell 2.0, this is still three commands, but at least the commands are native to Windows 7. In addition, the Windows PowerShell command is easier to read, and they support prototyping. An example of using Windows PowerShell to add a computer to the domain, rename the computer, and reboot the machine is shown here.

(Get-WmiObject win32_computersystem).rename("newname")

add-computer -Credential iammred\administrator -DomainName


In the first command, I use the Get-WmiObject cmdlet to retrieve the Win32_ComputerSystem Windows Management Instrumentation class. (The Get-WmiObject cmdlet has an alias of gwmi, and it will also take credentials if required.) Because this class returns only one instance, I can use my group and dot trick (see My Ten Favorite Windows PowerShell Tricks) to directly call the Rename method to rename the computer.

After I rename the computer, I use the Add-Computer cmdlet to join the computer to the domain. The Add-Computer cmdlet allows me to specify the credentials that have rights to add computers to the domain, in addition to the name of the domain to join. Although I did not do it in my example, there is also an ou parameter that allows you to specify the path to the OU that will contain the newly created computer account.

The last command, Restart-Computer, appears without any parameters. This means that the computer will restart within one minute, and it will attempt to cause processes to politely exit (generally a good thing). For emergency type of situations, there is the Force switch that will cause the computer to immediately restart, and not wait on processes to politely exit. The use of this optional parameter can lead to data loss in some situations.

In the image that follows, I first use the Get-WmiObject cmdlet to rename the computer. The image shows the return value is 0, which means that the command completed successfully. Next, I use the Add-Computer cmdlet to join the computer to the iammred domain by using the administrator credentials. Upon hitting ENTER, a dialog box appears that requests the password for the credentials.

The command completed successfully, but a warning message states that a reboot is required for the change to actually take place. The last command shown in the image uses the Restart-Computer cmdlet to restart the computer. I added the WhatIf parameter to illustrate what happens when using the WhatIf parameter (and to permit myself time to make the screenshot).

Image of command output

After I remove the WhatIf switch, and rerun the Restart-Computer cmdlet, a message box appears that states the computer will shut down in a minute or less. After the quick reboot, I am able to switch from using a local account to a domain account, because the computer has now joined the domain. The commands are short, sweet, easy to remember, and easy to use. None of these commands require a script, in fact, they could easily be run as imported history commands. For more information about working with the Windows PowerShell history cmdlets, see this collection of Hey, Scripting Guy! blogs.

 AD, that is all there is to using Windows PowerShell to rename a computer and to join it to the domain.  Join me tomorrow for more cool Windows PowerShell stuff.

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy

Comments (22)

  1. K_Schulte says:

    Hi Ed,

    Great! This is the way it goes … these easy steps are quite worth a lot if you have to accomplish this task a couple of times a day!

    Powershell can be as simple as that!

    Klaus (Schulte)

  2. mredwilson says:

    @D3sky I wrote a blog article in which I describe a module to simplify creating local users, and adding users to groups. It should do what you need to do.…/use-parameter-sets-to-simplify-powershell-commands.aspx

  3. mredwilson says:

    @EvolutionXtinct There are two ways to do this remotely. The first way is to use PowerShell remoting. You have to enable PowerShell remoting, but it can be done via Group Policy. Using PowerShell remoting, the commands would work exactly as written. The second way, is more complex. You can use the WMI command, to rename the computer, directly. It accepts a -computername and a -credential parameter. In PowerShell 2.0, the Add-Computer cmdlet does not have a -computername parameter, and therefore it adds the local computer to the domain or workgroup. You can use WMI, the Win32_Process wmi class, and the Create method to call PowerShell and to execute the Add-Computer cmdlet on a remote machine. I have written about all of these topics on the Hey Scripting Guy! blog. Use the Tag cloud, or the search box to find the articles.

  4. Anonymous says:

    I agree with Nope. You should reboot after renaming, otherwise you join domain with the old name.

  5. Will this work for local PC's only or can I somehow tweak this to rename remote PC's. I am in the process of renaming 95 PC's and would like to somehow take this script and rename remote PC's. Thanks!

  6. D3sky says:

    Is there a way to enable the user role as well? When adding the pc to the domain giving a certain user role i.e admin,user,power user?

  7. John says:


    Is there a way to have this encrypted including the password so it can be used in an automated build script?

  8. John says:

    When I run these commands in succession, it seems to add to the domain but not actually change the name.  I was assuming it should be able to change the name without a reboot then add to the domain, correct?

  9. John says:

    How about renaming computer using a two digit prefix followed by serial number?  Ex: MS-xxxxnnnnnn

  10. Nope says:

    Doesn't work without a reboot in between – it joins the domain as the original computer name.

  11. unsigned says:

    Little late to the party, but I can't get the rename to work either. Script returns '0' but doesn't do the rename.

  12. JN says:

    There is an updated post about PowerShell v3.0 using the rename-computer cmdlet.  It looks like this supports domained computers.  I haven't tested it yet, but it is worth a look.…/powertip-rename-a-computer-by-using-windows-powershell-3-0.aspx

  13. NinjaPenguin says:

    Windows 7 does not include netdom by default. I scoured the net for hours looking for a simpler solution than this RSAT crap or what ever. Then powershell came up and that had its own bullcrappery errors which were more easily fixed than netdom however the solution to these errors were not in one place. SO to all those IT people out there im doin yall a favor here and putting everything in one location in as many forums as possible.

    FOR JOINING A COMPUTER TO A DOMAIN WITHOUT NETDOM – (Windows 7… possibly others have not tested but i dont see why it wouldnt work)

    First you create Two files BOTH are created using notepad.

    type exactly as displayed or cut and paste i dont care. input your own information in the obvious locations if you cant figure that out sell your computer, you have no business owning one.

    First file:

    powershell -command "& {Set-ExecutionPolicy Remotesigned}"

    powershell -file e:domainjoin.ps1

    powershell -file f:domainjoin.ps1

    powershell -file g:domainjoin.ps1

    powershell -file h:domainjoin.ps1

    powershell -file i:domainjoin.ps1

    powershell -file j:domainjoin.ps1

    powershell -file k:domainjoin.ps1

    powershell -file l:domainjoin.ps1

    powershell -file m:domainjoin.ps1

    powershell -file n:domainjoin.ps1

    powershell -file o:domainjoin.ps1

    powershell -file o:domainjoin.ps1


    Ok! So now Save As ——– DomainJoin.bat (file type all files not txt) put it .. somewhere easily accessed.

    NOW Second file!

    $domain = "yourdomain"

    $password = "yourpassword" | ConvertTo-SecureString -asPlainText -Force

    $username = "$domainyouraccount"

    $credential = New-Object System.Management.Automation.PSCredential($username,$password)

    Add-Computer -DomainName $domain -Credential $credential

    Set-ExecutionPolicy -Scope LocalMachine -ExecutionPolicy Restricted -Force

    Okay! Save As – domainjoin.ps1 <——— Pay attentionnnnnnnnnnnn! (again file type "all files" not .txt)

    NOW for this save it on the root of what ever you use for media for example… "c:domainjoin.ps1" or "f:domainjoin.ps1"

    that is very important grass hoppers.

    Alrighty you are ready to run the file. Right click on DomainJoin.bat and hit run as administrator

    you will see a lot of errors fear not.

    in the script i included just about all of the drive letters the file could be on, so as long as you put it on the root of the USB stick or C Drive you should be good (you can also add the drive letters i did not include)

    Somewhere in those errors you should see something telling you a restart is required to apply settings. once it says hit any key to continue restart and you should be goooood to go!

  14. johnny says:

    Using the above
    (Get-WmiObject win32_computersystem).rename("newname")
    add-computer -Credential iammredadministrator -DomainName
    It changes the name (claiming to do so upon reboot) yet joins domain using the old name. Upon reboot, the name is the old name but now joined to domain. Not quite as advertised- is there something that needs to be done in conjunction with the above commands.
    Note: I have tried add-computer with the -option JoinWithNewName and got a different set of issues.

  15. YadierMolina says:

    I have been struggling with this one for HOURS. All other examples on the web show the form of
    add-computer -domainname -cred domainadmin

    This never worked. Then, I see this example where the -cred comes before the -domainname. In this order, it worked almost instantly. Wow.

  16. ChadR says:

    Looking for a complete PS that will also add to a specified OU.

  17. mike says:

    @Johnny I had the same problems running the script mentioned, it would say it joined the domain and the computer name wasn’t updated. If I try to do it manually it will let me rename the machine but not join the domain or vice versa. I am about to try
    the add-computer -newname -options JoinWithNewName parameters to see what happens.

  18. justin says:

    Hi ED, thanks for the script but I would like to know how to modify it to do the following:

    1. Rename a computer based on a naming convention like by serial number? Ex: MS-xxxxnnnnnn or something similar like import names from Excel.
    2. Move the PC to another OU in AD.

    I am working in a call centre and need to join over 300 new PC’s to the domain.

  19. tku says:

    netdom is not corking in my windows 8 system

  20. Gavin Burke says:

    Might be digging up something old here but this can be whittled down to just two commands by throwing -Restart on the end of the Add-Computer, which as the name suggests restarts the machine after joining the domain.

  21. KERR says:

    I had problems renaming and joining the computer to the domain without rebooting. These commands fixed it.

    Rename-Computer -NewName $Computername
    sleep 5
    Add-computer -DomainName $domain -Credential $credential -force -Options JoinWithNewName,AccountCreate

Skip to main content