Building My First Active Directory Domain
Introduction
Domain joining lets a machine be managed through Windows Server’s Active Directory. Once a computer joins the domain, it appears as a computer object in AD, but it still won’t have access to anything until it’s given the right permissions or added to the right groups. In a real organization, every workstation should be part of the managed domain so it can be controlled and monitored properly. Since this lab already has a user set up, once the machine joins the domain, I’ll just log in using that account.
By the end of this walkthrough, you’ll know how to connect a machine to an Active Directory domain.
Prerequisites
Before attempting to join the domain, make sure these are set.
- Your Windows Server 2022 domain controller is running
- The domain (e.g., myhomelab.local) is properly configured
- DNS is configured so that the Windows 10 machine points to the domain controller’s IP address
- You have a domain user account with permission to join computers
- The Windows 11 machine can ping the domain controller
Having these set ahead of time helps make the domain join go as smoothly as possible.
Configuring DNS on the Windows 10 Machine
For a Windows machine to join a domain, it first needs to know where the Domain Controller is. Active Directory depends on DNS to make that connection. When you set the computer’s DNS to the Domain Controller’s IP address, the machine can look up the domain, locate the Domain Controller, and access all required AD services. If DNS isn’t pointed to the Domain Controller, the computer simply won’t be able to find the domain at all.
How to point the machine’s DNS at the Domain Controller:
- Open Control Panel
- Go to Network & Internet
- Open Network & Sharing Center
- Click Change adapter settings
- Right-click your network adapter (NIC)
- Select Properties
- Click Internet Protocol Version 4 (TCP/IPv4)
- Set the Preferred DNS server to the Domain Controller’s IP address
Verify with ipconfig /all.
Joining the Windows 10 Machine to the Domain
Step-by-step walkthrough:
- Open System Properties in Settings
- Click About
- Click Domain or Workgroup
- Click Change to edit the Computer Name settings
- Select Domain and enter your domain name (e.g., homelab.local)
- When prompted, sign in with your domain credentials
- You should see a confirmation message that the machine joined the domain
- Restart the machine so you can log in as a domain user
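The DNS and join steps above can also be done from an elevated PowerShell prompt, with pre-join checks that catch the usual failure causes (wrong DNS server, DC ports unreachable) before the join is attempted. This is an added example, not part of the original walkthrough; the Domain Controller IP and adapter name are placeholder assumptions to replace with your own.

```powershell
# Added example. Run in an elevated Windows PowerShell session on the workstation.
$Domain   = 'homelab.local'   # domain name used in the walkthrough
$DcIp     = '192.168.1.10'    # ASSUMED Domain Controller IP (placeholder)
$NicAlias = 'Ethernet'        # ASSUMED adapter name; list yours with Get-NetAdapter

# 1. Point the client's DNS at the Domain Controller (same result as the GUI steps).
Set-DnsClientServerAddress -InterfaceAlias $NicAlias -ServerAddresses $DcIp

# 2. Confirm the client can locate a DC through DNS. Active Directory publishes
#    its domain controllers as SRV records under _ldap._tcp.dc._msdcs.<domain>.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
           -Server $DcIp -ErrorAction SilentlyContinue |
       Where-Object { $_.Type -eq 'SRV' }
if (-not $srv) {
    throw "No DC SRV records for $Domain via $DcIp. Fix DNS before joining."
}
$srv | Select-Object NameTarget, Port | Format-Table -AutoSize

# 3. Check the TCP ports a join depends on: DNS, Kerberos, LDAP, SMB.
$blocked = @()
foreach ($port in 53, 88, 389, 445) {
    $ok = Test-NetConnection -ComputerName $DcIp -Port $port `
              -InformationLevel Quiet -WarningAction SilentlyContinue
    if (-not $ok) { $blocked += $port }
}
if ($blocked) {
    throw "DC $DcIp not reachable on TCP port(s): $($blocked -join ', ')"
}

# 4. Join the domain. Prompt for the account instead of hard-coding a password
#    in the script, then reboot so domain logons work.
$cred = Get-Credential -Message "Account allowed to join computers to $Domain"
Add-Computer -DomainName $Domain -Credential $cred -Restart

# 5. After the reboot, verify from the workstation:
#    (Get-CimInstance Win32_ComputerSystem).PartOfDomain   # True when joined
#    Test-ComputerSecureChannel                            # True when the machine
#                                                          # account trust is healthy
```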
Logging in With a Domain Account
On the Windows login screen, click Other user to bring up the username and password fields. Enter the domain username and that user’s password. After signing in, you may be prompted to create a new password. Once that’s done and you log in for the first time, Windows will create a local profile for that domain user on the machine.
To verify that the join was successful, check whether the machine appears in Active Directory Users and Computers under Computers or inside the OU you assigned it to.
Final Thoughts
The machine is now connected to Active Directory. This required pointing DNS to the Domain Controller and then joining the machine to the domain. This step is fundamental to any Active Directory environment. Now that it’s complete, the machine is recognized as a computer object inside the domain. This sets the foundation for applying Group Policies, collecting logs, hardening workstations, and eventually integrating tools like Security Onion.