How to Join Windows 8 to a Domain
Windows 8 either connects to the domain instantly, or else requires numerous adjustments to its network settings.
In this article I will show you how to successfully join a Windows 8 computer to a domain.
Connect Microsoft Windows 8 to a Domain
- Preparing to Join a Domain
- Connect Windows 8 to a Domain
- Troubleshooting Windows 8 Joining Domain
- Problems Connecting Windows 8 to a Domain
- Temporarily Disable the Firewall
Preparing to Join a Domain
Pre-requisites
- Your Windows 8 machine needs an Active Directory computer account.
- Your Windows 8 machine must be able to connect to a domain controller.
- Windows 8 Home edition cannot join a domain, you need the Pro or Enterprise edition.
- Logon to Windows 8 as a local Administrator.
- For Plan B) below you need the name and password of a domain administrator.
Tactics
- Plan A) Create a computer account ahead of time in your Active Directory.
- Plan B) Create the computer’s account ‘on-the-fly’ as you connect to the domain.
Connect Windows 8 to a Domain
Let us find the configuration sheet on your Windows 8 machine so that it can join a domain; I began by clicking on the Computer (Icon), then Properties. That took me to the Control Panel System and Security, System. The next step, which you can see on the screen below, is to click on ‘Change settings’.
Connecting to the Domain
From the System Properties sheet, Click on ‘Change’ and set the radio button to ‘Domain:’ now type the name of YOUR domain in the ‘Member of’ box. See screenshot below.
In my example I used the name 'BigDom'; if this did not join my Windows 8 machine to the domain, I would have typed the fully qualified domain name, e.g. BigDom.Local Incidentally you could use the same technique to join a Workgroup.
Guy Recommends: A Free Trial of the Network Performance Monitor(NPM)
v11.5
SolarWinds’ Orion performance monitor will help you discover what’s happening on your network. This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.
What I like best is the way NPM suggests solutions to network problems. Its also has the ability to monitor the health of individual VMware virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.
Download a free trial of Solarwinds’ Network Performance Monitor
Troubleshooting Windows 8 Joining Domain
Microsoft client operating systems have been joining Windows domains since NT 3.5; each new client employs the above technique, but for each successive operating system Microsoft introduce adjustments to the under-the-covers joining procedure; as a result each Windows clients experienced different connection problems for certain DNS and security configurations.
a) Is this a permissions problem? Make sure you have the domain administrator’s password.
b) Or more likely, is it a connectivity problem. Can your Windows 8 machine 'see' the domain controller?
Check the Basics
Can you ping the Domain Controller? Can you view the server from the Control Panel, Network? If yes, then examine the Windows 8 client’s TCP/IP values.
Microsoft’s Detailed Troubleshooting Advice
The domain name "BigDom" might be a NetBIOS domain name, which differs from the DNS name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not merely a NetBIOS domain name, then Microsoft supplied this information to help troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "BigDom":
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.BigDom
Common causes of this error include the following:
– The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
192.168.1.200
– One or more of the following zones do not include delegation to its child zone:
BigDom
. (the root zone)
Note: This information is intended for a network administrator. If you are not your network’s administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
SolarWinds Firewall Browser 
Here is an utility where you can review firewall settings such as access control lists (ACL), or troubleshoot problems with network address translation (NAT).
Other reasons to download this SolarWinds Firewall Browser include managing requests to change your firewall settings, testing firewall rules before you go live, and querying settings with the browser’s powerful search options.
Guy recommends that you download a copy of the SolarWinds free Firewall Browser.
Problems Connecting Windows 8 to a Domain
Full Computer Name – System Icon
One way of launching the System Icon is to hold down the Windows key and press the Pause / Break key.
My first suggestion is to line-up the client’s computer name with the domain name.
Click on ‘More..’ and append the full dns name to the simple computer name. For example type: Win8.BigDom.local. After the reboot try once again to join the Windows 8 computer to the domain.
Check DNS with Ipconfig
Despite your best efforts to make your Windows 8 machine part of an Active Directory domain, you still get error messages such as:
‘The following error occurred attempting to join the domain.
An attempt to resolve the DNS of a DC failed’
It is vital that the Windows 8 computer can resolve the domain name of the Active Directory that you are trying to join.
Ipconfig /all always reveals interesting information, particularly the DNS configuration.
Follow up by testing with ping:
ping server.domain.com.
Plain ping server, yields useful clues as to whether it’s a firewall problem or a faulty DNS configuration at the Windows 8 client. The situation maybe that ping or ICMP packets are allowed through the firewall, but the ports needed to join the domain are blocked.
NSLookup may also help troubleshoot DNS problems.
TCP/IP Adapter Settings
Visit the Network and Sharing Center (in the Control Panel), select the adapter then check: ‘Change adapter settings’. Does it have the correct DNS server in the TCP/IPv4 property sheet?
If it already receives an IP Address and a DNS server address via DHCP then this less likely to be the root problem, nevertheless you could manually edit the DNS IP address:
‘Use the following DNS server addresses:
Preferred DNS server’
Another idea is to specifically set the DNS address to the Windows Server, normally this is one and the same machine, but if DNS has its own server, this may enable you to join Windows 8 to the domain. If you experiment with different values for the IP address you don’t need to reboot
Some people prefer to disable IPv6, then try again to change from a member of a Workgroup to member of a Domain. 
Tip 1: Ipconfig /flushdns clears the cache if you are trying to ping different TCP/IP addresses.
Client for Microsoft Networks
Only once have I seen a machine where the Client for Microsoft was missing, as this is required for joining a Windows domain make sure its box is ticked. (See right)
I have also heard of problems where a disabled Netlogon service was the root cause of a Windows 8 machine failing to join a domain. Check this and dependent services by launching services.msc.
Tip 2: It's always worth comparing the setting with a second machine, preferably one which has already joined the domain.
Bridged Ethernet for Virtual Machines
I have not tried it myself, but I read that changing the networking setting under Virtual Machine to Bridged Ethernet allowed Windows 8 to connect to domain.
Tip 3: When things go wrong, and I eventually find a solution in the logs, I always vow that next time I will start troubleshooting in system Event Log!
Try SolarWinds Web Help Desk »
Guy Recommends: Response Time Viewer for Wireshark
Here is a free tool to troubleshoot network connection and latency problems. Key concept: this is a free tool from SolarWinds that analyzes network packets captured by Wireshark (also a free tool).
When you inspect the data in the Response Time Dashboard, if you hover over an application such as Teredo or TCP, then you get an orange box showing a breakdown of network and application response times, note the 'Peak value' in addition to the 'Average'.
Download your free trial of SolarWinds Response Time Viewer for Wireshark
Temporarily Disable the Firewall
This is Guy’s most contentious advice; almost nobody else recommends this albeit temporary security breach. There are two reason that I disable the firewall when I am troubleshooting; firstly, it has been to know to suddenly enable the Windows 8 computer to join the domain. Secondly, if I don’t disable the firewall my brain cannot seem to move on, and it fixates on firewall, when I really want to try another troubleshooting tactic.
I found the firewall settings thus: Control Panel, Windows Firewall. In a more sophisticated domain, you will probably have other firewall settings, however the principle is the same.
Windows Server 2008: Firewall Status – Off
Windows 8 Computer: Firewall Status – On
As a compromise, you could keep the firewall turned on for the public network, and try turning off for the work or private location.
One sign that it was indeed a firewall problem was when I ran the command: ping server. I got a reply from not from plain server, but from server.domain.com. This was an indication that not only were the ICMP (ping) ports open, but also that DNS was correctly configured and resolved my request for server to the fully qualified server.domain.com. As I only got this response after disabling the firewall, my conclusion was firewall was blocking the ports needed for Windows 8 to join the domain.
Even by opening ports, 389, 135, 88 and 53 I still could not join the domain. This is why I took the ruthless approach and just temporarily turned the Windows Firewall Off on the server side.
Rumours and Red Herrings About Joining a Domain
WINS
I heard a rumour that the only way to solve problems such as ‘The following error occurred attempting to join the domain’, was to enable WINS. All I can say is that WINS did not help in my situation.
Upgrading from Windows 7
If you upgrade a computer that is already in a domain, to Windows 8 this has no effect on the domain membership. In other words, it's perfectly safe to upgrade a Windows 7 domain member to Windows 8 and retain your domain membership.
Creating a Computer Account in Active Directory
While there is no harm in creating a computer account in the name of the machine that you want to join to the domain, this is neither essential, nor is it the root cause of this error. The only problem that creating a computer solves is if the account that is trying to join the Windows 8 machine to the domain, is NOT a Domain Admin. Even in this situation, Windows 8 provides a dialog box so that you can enter the name of Domain Admin and thus overcome permission problems.
Summary of Joining Windows 8 to a Domain
Window 8 either joins the Active Directory domain easily, or else requires a deal of troubleshooting involving DNS name resolution.
In my troubleshooting experiments one way of persuading a Windows 8 machine to join an Active Directory domain was turning off the firewall at the Windows Server 2008 end. In my opinion ‘The following error occurred attempting to join the domain‘ is most likely to be a firewall problem. The other possibility is that the TCP/IP settings for DNS are incorrect. Fortunately it’s easy to check the DNS name resolution by using ipconfig and ping.
If you like this page then please share it with your friends
Microsoft Windows 8 Install Related Topics
• How to Install Windows 8 • Windows 8 Live ID Logon • Win 8 Install • Windows 8.1 Install
• Windows 8 Uninstall • Windows 8 Hyper-V • Join Windows 8 to Domain • Windows 8 Dual Boot
• Windows 8 Remote Desktop • Windows 8 RecImg – Recreate Image
