Windows Server 2022

How to Join Windows Server 2022 Core to Active Directory

In this post, I will show you how to join Windows Server 2022 Core to an Active Directory (AD) domain. So, if you are you looking for more wholesome Windows Server 2022 goodness, you came to the right place!

Joining Windows Server Core to an Active Directory domain lets you manage the security of the server centrally. Instead of creating local accounts and managing them on your Server Core device, you can use a directory services solution like Active Directory, to manage user access and security settings for all the resources on your network.

There are several methods you can use to accomplish joining Windows Server Core to an AD domain. Microsoft…remember? Here are the high-level options:

  1. Log in locally and use Sconfig
  2. Use Windows Admin Center (Remote)

In my previous post, How to Install Windows Server 2022 Core, I described and demonstrated how to create a new Hyper-V virtual machine (VM), install Windows Server 2022 using the Server Core setup option, and perform a few ‘post-setup’ tasks.

Sponsored Content

Maximize Value from Microsoft Defender

In this ebook, you’ll learn why Red Canary’s platform and expertise bring you the highest possible value from your Microsoft Defender for Endpoint investment, deployment, or migration.

Because it’s relatively straightforward to join and disjoin Windows Server from an AD domain, I’ll show you how to accomplish the task using each of these methods. Let’s start with SConfig.

Windows Server Core AD domain join using SConfig

SConfig is installed automatically when you set up any recent Windows Server operating system using the ‘Core’ option. (Actually, SConfig is installed in Windows Server even with the ‘Desktop Experience.’ Try it out!) By default, in Windows Server 2022, it will load automatically when you log in interactively on the server, or via Remote Desktop.

SConfig – The Beginning

We can start this process by choosing option 1) Domain/workgroup. Then, ‘D‘ for Domain, and then enter your fully-qualified domain name (FQDN) (reinders.local).

Change domain/workgroup membership

Sconfig will then prompt for a user account with permissions to join a computer to the domain. Enter the info as appropriate.

Entering an authorized domain user to join

We’ve joined! It asks us if we want to rename our computer. Because ours is a good name, I’ll say (N)o.

Now, before we reboot, I’m going to move the computer object from the default ‘Computers’ OU in AD to my ‘Domain Member Servers’ OU. That way, it will receive any and all appropriate Group Policy and config information when it reboots.

Moving computer object to appropriate OU

After the reboot, I pressed Esc twice to engage the option to log into the server as a domain user. I then chose Other user and entered my domain credentials.

Log in with domain user

It worked and SConfig now shows we’re joined to the domain!

Joined to the domain!

Join Windows Server 2022 Core to AD using Windows Admin Center

So, we’ll do things a little differently here – utilize a different flow. I will use Windows Admin Center to disjoin the server from my domain. Then, I’ll show you how to rejoin the domain. So, we’ll catch a glimpse of each tool performing a different part of the join/disjoin process!

On my Windows 10 client PC, I’ve launched WAC and clicked on our new server.

Windows Admin Center – Ready to disjoin

So, not completely intuitive wording (I should file feedback on this one), but if you click ‘Edit computer ID‘ across the top, a new sidebar will open on the right.

Edit computer ID

I chose the Workgroup option, entered the name of ‘workgroup‘. I pressed OK and it prompted me for permissions to leave the domain. I entered the credentials and clicked Save. I then rebooted the server.

Leaving domain

Alright, the server is now back in Workgroup mode. I am going to create a new Server connection in Windows Admin Center because I need to use the local Administrator credentials to talk to this server. I manually added the server’s hostname, then selected it on the left in the list of connections, clicked ‘Manage as‘ on top, and entered my local Administrator credentials.

Connecting via WAC to local admin account

After that was completed, I went through the same motions by clicking ‘Edit computer ID’, chose Domain, entered all the pertinent info, rebooted the server, and voila, we are back!

WAC showing back on the domain!

You can see there are several methods for joining your shiny new Windows Server 2022 Core server to your domain. There are also PowerShell commands that allow you to perform similar steps. Maybe another post is in the works…

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: