If you want to manage your Windows 11 devices centrally and apply security policies, group policies, and other settings, you need to join them to an Active Directory domain. In this blog post, I will show you how to join a Windows 11 computer to an on-premises Active Directory domain using different methods.
Requirements and Preparations
Before you join your Windows 11 computer to a domain, you need to meet some basic requirements and make some preparations:
- Your computer must have a Pro, Education, Pro for Workstations, or Enterprise edition of Windows 11. Home editions do not support domain join. However, you can purchase a Home to Pro upgrade license.
- Your computer must be connected to a local network and be able to access at least one domain controller. You can check the network connectivity and DNS settings of your computer by using the
ipconfig /all
command in PowerShell or Command Prompt. - Your computer must be able to resolve the domain name and ping the domain controller. For example, if your domain name is
woshub.loc
, you can use the commandping woshub.loc
to test the name resolution and network connectivity. - Your computer’s local time must be within five minutes of the domain controller’s time. This is required for Kerberos authentication. You can check the time settings of your computer by using the
Get-Date
command in PowerShell or thedate
andtime
commands in Command Prompt. - Your computer must have a unique and meaningful name that will be used in the domain. You can change the computer name by using the classic Control Panel (
sysdm.cpl
) or PowerShell (Rename-Computer -NewName "wks-tst1"
). You need to restart your computer after changing the name. - You must have a user account with delegated administrative permissions to join computers to the domain. This can be a regular user account (by default, any domain user can join up to 10 devices) or a privileged domain administrator account.
Joining Windows 11 to a Domain Using System Properties
The classic way of joining a Windows computer to a domain is by using the System Properties dialog box. Here are the steps:
- Open Control Panel and click on System and Security > System.
- Click on Change settings under Computer name, domain, and workgroup settings.
- Click on Change under To rename this computer or change its domain or workgroup, click Change.
- Select Domain under Member of and enter your domain name (e.g.,
woshub.loc
). - Click OK and enter your user name and password when prompted.
- Click OK again when you see the message Welcome to the woshub.loc domain.
- Restart your computer.
Joining Windows 11 to a Domain Using Settings App
Another way of joining a Windows 11 computer to a domain is by using the Settings app. Here are the steps:
- Open Settings and click on Accounts > Access work or school > Connect.
- Click on Join this device to a local Active Directory domain under Advanced options.
- Enter your domain name (e.g.,
woshub.loc
) and click Next. - Enter your user name and password when prompted and click OK.
- Click Next when you see the message Welcome to the woshub.loc domain.
- Restart your computer.
Joining Windows 11 to a Domain Using PowerShell
You can also join a Windows 11 computer to a domain using PowerShell commands. Here are the steps:
- Open PowerShell as an administrator.
- Use the
Add-Computer
cmdlet to join your computer to the domain. For example:
Add-Computer -DomainName "woshub.loc" -Credential "woshub\administrator" -Restart
This command will prompt you for the password of the administrator account and then join your computer to the woshub.loc domain and restart it.
- Alternatively, you can use the
Join-Domain
cmdlet from the ActiveDirectory module (you need to install it first by usingInstall-WindowsFeature RSAT-AD-PowerShell
). For example:
Join-Domain -Name "woshub.loc" -Credential "woshub\administrator" -Restart
This command will do the same thing as the previous one.