Skip to main content

Boot in domain environment

Cloud DesktopAbout 2 minDesktop UIBoot in domain environment

Introduction to Windows domain

Windows domain is a network management mode that allows network administrators to control and manage a large number of computers and users from one place. Computers and users in the domain are verified and authorized by one or more servers (called domain controllers). Computers and users in the domain have their own accounts and passwords, and can log on to any computer in the domain. The domain can also set and apply various security and configuration options through group policy, as well as achieve resource sharing and access. Domains are usually used for large-scale enterprise, school or government networks, which can improve the security, scalability, redundancy and management efficiency of the network.

To implement Windows domain, the following requirements need to be met:

  • You need one or more servers with Windows Server operating system installed, as domain controllers, responsible for managing objects (such as users, computers, organizational units, etc.) and services (such as DNS, DHCP, AD FS, etc.) in the domain.
  • You need to install and configure Active Directory Domain Services (AD DS) role on the server, create and maintain the directory database in the domain.
  • You need to specify a unique name for the domain, such as example.comopen in new window, and register the name on the DNS server, so that computers inside and outside the domain can resolve the domain name.
  • You need to choose a suitable functional level for the domain, to determine the functions and compatibility that can be used in the domain. The higher the functional level, the more functions can be used, but it also requires all domain controllers to use the same or higher version of Windows Server operating system.
  • You need to join the client computers to the domain, so that they can accept the unified management of the domain and use the resources in the domain. Before joining the domain, you need to specify the DNS server address, and enter the domain name and administrator credentials on the client computer.

Installation requirements

The domain controller server is windows server 2008 R2 or above operating system (computer name: "domainserver", domain name: "test.comopen in new window") Please note: Do not install DHCP service on the domain controller, workstations use fixed IP.

domainserver
domainserver

The cloud desktop server is windows server 2008 R2 or above operating system (computer name: "clouddesktopserver"), joined to the domain "test.comopen in new window".

The cloud desktop client is windows 7 or above operating system (computer name: "test1"), joined to the domain "test.comopen in new window".

Installation steps

  • Please create a domain "test.comopen in new window" on the server "domainserver", and join the workstation "test1" and server "clouddesktopserver" to the domain. Please log in with a domain administrator on "test1" and "clouddesktopserver".
  • Install cloud desktop client on "test1", install cloud desktop server on "clouddesktopserver".
  • Upload image to cloud desktop server "clouddesktopserver", and make sure "test1" can boot disklessly.
  • Delete computer "test1" from Active Directory on domain server "domainserver".
Delete computer
Delete computer
  • Use command "Join Domain" on server "clouddesktopserver" to add "test1" and other computers to domain server "domainserver".
Join Domain
Join Domain

  • Disable computer password change on domain server "domainserver".

    • Open "Group Policy Management"
Group Policy
Group Policy
  • Edit default domain policy "Default Domain Policy"
Default Domain Policy
Default Domain Policy
  • In Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Security Options, enable "Domain controller: Refuse machine account password changes".
Refuse machine account password changes
Refuse machine account password changes
  • In Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Security Options, enable "Domain member: Disable machine account password changes".
Disable machine account password changes
Disable machine account password changes

  • Installation problem solutions

    • Login error after client startup: "The security database on the server does not have a computer account for this workstation trust relationship".
      Solution: Add computer to domain server on cloud desktop server.
No trust relationship
No trust relationship
  • Login error after client startup: "The trust relationship between this workstation and the primary domain failed"
    Solution: Delete the computer on the server, add computer to domain server on cloud desktop server.
Trust relationship failed
Trust relationship failed
Last update:
Contributors: jackie
Default footer
Copyright © 2023 Cloud Desktop