Join Active Directory with the Command Line

Join Active Directory from the Command Line

On Linux or Unix computers, the location of the domain join command-line utility is /opt/pbis/bin/domainjoin-cli.

When you join a domain by using the command-line utility, AD Bridge uses the hostname of the computer to derive a fully qualified domain name (FQDN), and then automatically sets the FQDN in the /etc/hosts file.

You can also join a domain without changing the /etc/hosts file.

For more information, see Join Active Directory without Changing /etc/hosts.

Before You Join a Domain

To join a domain, ensure the following are in place:

The computer's name server can find the domain. Run the command:
```
nslookup domainName
```
The computer can reach the domain controller. Run the command:
```
ping domainName
```

Join a Computer to Active Directory

Run the following command as root.

Replace domainName with the FQDN of the domain that you want to join and joinAccount with the user name of an account that has privileges to join computers to the domain:

/opt/pbis/bin/domainjoin-cli join domainName joinAccount

/opt/pbis/bin/domainjoin-cli join example.com Administrator

On agent machines, execute the sudo su command before you run the domainjoin-cli command.

Join a Linux or Unix Computer to an Organizational Unit

Run the following command as root.

Replace organizationalUnitName with the path and name of the organizational unit that you want to join, domainName with the FQDN of the domain, and joinAccount with the user name of an account that has privileges to join computers to the target OU:

/opt/pbis/bin/domainjoin-cli join --ou organizationalUnitName domainName joinAccount.

/opt/pbis/bin/domainjoin-cli join --ou Engineering example.com Administrator

Join a Linux or Unix Computer to a Nested Organizational Unit

Run the following command as root, replacing these values:

path with the AD path to the OU from the top down, with each node separated by a forward slash (/).
organizationalUnitName with the name of the organizational unit that you want to join.
domainName with the FQDN of the domain.
joinAccount with the user name of an AD account that has privileges to join computers to the target OU:
```
/opt/pbis/bin/domainjoin-cli join --ou path/organizationalUnitName domainName joinAccount
```

Here is an example of how to join a deeply nested OU.

domainjoin-cli join --ou topLevelOU/middleLevelOU/LowerLevelOU/TargetOU example.com Administrator