Joining a Machine to A Domain over VPN with Windows 7

This has probably been blogged about  a million times, but I wanted to get this down here for my own reference. I’ve always assumed that since XP (you could do this easily with XP) that in order to join a machine to a domain, you needed to be physically at that location.

I was recently faced with the need to join a VM to a customer’s domain, but I didn’t want to travel there, so I tried the approach below, and it worked. Hopefully it can help someone else as well. Here’s how:

  1. Establish a VPN connection with the destination network. I used the built in Microsoft VPN client, but any VPN client should work.
  2. Take note of the machine name and the local user account that you’re currently using
  3. Go through the standard domain joining procedure (note that you need to have an account with permissions to join a machine to the domain)
  4. Do NOT reboot right away. Make sure that you add the domain account that you’ll be using to the local administrators group (if applicable). I often forget to do this and it costs a few extra reboots
  5. Reboot the machine.
  6. Login as the user that you noted in #2. You’ll need to use the format MACHINENAMEUSERNAME. You will not yet be able to login as a domain user because you need to establish a VPN connection in order to see a domain controller to allow the login, and set up the domain account.
  7. Once logged in as the local user, establish a VPN connection to the destination network.
  8. Without logging the local user off, use the “switch user” function. (as shown below)image
  9. Login with the domain account that you want to use. The account will be set up locally for you.

This works because the VPN connection is shared between the login sessions. Once you’ve done this, you can log off the local account, and all should be well moving forward. If your domain user needs access to corporate resources,then another VPN connection will need to be established from within that session.

XP Mode and Sharing Documents

I’m quite liking the the Virtual PC and XP Mode on Win 7. One thing that I just sorted out and thought I should share is how the file sharing works. If you’re used to Virtual PC, you’re likely familiar with shared folders. You would normally use either that or mapped drives to share files between the VM and the host operating system. However, XP Mode doesn’t use Shared folders as such, it doesn’t quite work that way.

Any application running in XP Mode that opens up a file dialog will open to the “Documents” folder (what used to be “My Documents”). However, it’s not the same Documents folder as the one for the user that is currently logged in. Where is it then?

What XP Mode considers to be its Documents folder is actually the Public Documents folder on the host. By default, it’s available under Favorites in Windows explorer.

image

Pretty simple really. Anything put there by the host is available to the XP Mode applications, and vice versa.