# Joining a Client to the Domain 8. ### Overview With the Domain Controller running and Active Directory configured, the next step was joining a client machine to the domain. This simulates the real world process of onboarding a new workstation into a company's Active Directory environment — one of the most common tasks performed by MSP technicians. ### Creating the Client VM A second VM was created in Hyper-V for the client machine: | Setting | Value | | ----------------- | -------------- | | VM Name | WIN10-CLIENT01 | | Generation | Generation 2 | | RAM | 2048 MB | | Virtual Hard Disk | 40 GB | | Network Adapter | LabSwitch | | ISO | Windows 10 Pro | > **Important:** Secure Boot was disabled before starting the VM — same as the Server VM ### Windows 10 Edition — Critical Lesson #### Issue Encountered The first install of Windows 10 used the **Home** edition. When attempting to join the domain: * Start → Settings → System → About → Rename this PC (Advanced) * The **Domain** field was completely grayed out #### Root Cause Windows 10 Home does not support domain join. Domain join is exclusively a **Windows 10 Pro** feature. This is by design — Home edition is intended for personal use, not enterprise environments. #### Fix Deleted the VM entirely and recreated it, selecting **Windows 10 Pro** during OS installation. > **MSP Context:** In a real environment, all company workstations run Windows Pro or Enterprise editions — never Home. When an MSP inherits a client environment running Home edition machines, upgrading editions is one of the first remediation tasks. Always verify the Windows edition before attempting a domain join. ### Configuring Static IP on the Client Before joining the domain, a static IP was assigned and DNS was pointed to the Domain Controller: | Field | Value | | --------------- | ------------- | | IP Address | 192.168.1.20 | | Subnet Mask | 255.255.255.0 | | Default Gateway | 192.168.1.1 | | Preferred DNS | 192.168.1.10 | #### Why DNS Points to the DC The client must be able to resolve lab.local through DNS before it can join the domain. lab.local is not a public domain — it only exists inside the DC's DNS server. Pointing DNS to 8.8.8.8 or any public DNS would cause the domain join to fail because those servers have no record of lab.local. > **MSP Context:** Incorrectly configured DNS on client machines is one of the most common causes of domain join failures in real environments. Always verify client DNS points to the DC before attempting a domain join. ### Verifying Connectivity Before Joining Before attempting the domain join, connectivity to the DC was verified: ping 192.168.1.10 Result: Successful replies confirmed the client \ could reach the DC over LabSwitch. nslookup lab.local Result: Resolved to 192.168.1.10 — confirmed the client could find the domain through DNS. > Always verify ping and nslookup before attempting a domain join. If either fails, the join will fail. Troubleshoot network connectivity first. *** ### Joining the Domain 1. Right clicked Start → System 2. Clicked Rename this PC (Advanced) 3. Under Computer Name tab → Change 4. Selected Domain radio button 5. Typed: lab.local 6. Clicked OK 7. Entered domain credentials when prompted: 8. Username: LAB\Administrator\ Password: \[stored securely offline] 9. Received Welcome to the lab.local domain popup 10. Restarted the VM *** ### Moving Computer Object to Correct OU After joining the domain, WIN10-CLIENT01 appeared in the default Computers container in Active Directory — not in the IT OU. This was moved manually: 1. Opened Active Directory Users and Computers on DC 2. Located WIN10-CLIENT01 in Computers container 3. Right clicked → Move → LabCorp → IT 4. Clicked OK > **Why this matters:** Computer objects must be in the correct OU to receive GPOs linked to that OU. A computer sitting in the default Computers container will not receive any OU-linked policies. This is a common oversight in real environments and a frequent MSP troubleshooting scenario. *** ### Logging in as a Domain User After reboot, logged in as a domain user for the first time: * Clicked Other User on login screen * Username: LAB\jsmith * Password: jsmith's domain password Successfully logged in as a domain user — confirming the client was fully joined and communicating with the DC. *** ### Troubleshooting Notes **Issue:** Domain field grayed out on first attempt **Cause:** Windows 10 Home installed — does not support domain join **Fix:** Reinstalled VM with Windows 10 Pro edition **Issue:** VM slow to boot from ISO **Cause:** Missing the narrow "Press any key to boot from DVD" window **Fix:** Set DVD drive to top of boot order in VM Firmware settings before restarting *** ### Skills Practiced * Building a Windows 10 Pro client VM in Hyper-V * Understanding Windows edition requirements for enterprise environments * Configuring client DNS to point to Domain Controller * Verifying connectivity with ping and nslookup before domain join * Joining a workstation to an Active Directory domain * Moving computer objects into correct OUs * Logging in with domain credentials * MSP workstation onboarding process --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://stefs-documentation.gitbook.io/stefs-documentation-docs/project-overview-bare-metal-homelab/active-directory/joining-a-client-to-the-domain.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.