Why add computers to Active directory domain?

windows windows-server-2008 active-directory
10,484

Solution 1

You put computers in AD for the same reason you put people in AD: Management and security.

You add users to your domain to give them access to different resources, but also to control their access. The same thing goes for computers. Just as you dont allow just anyone to log into the domain, you do not allow any computer access either.

Look in group policy, you will see just as much management criteria for computer as people. You can learn a lot just looking at the controls you have.

Solution 2

You join computers to the domain for centralized management. It enables you to use other Microsoft services, such as Group Policy (with per computer settings) and WSUS. Also, if a computer is joined onto a domain, any domain user can login to it while connected to the network.

Group Policy is extremely useful, in itself, as you can tweak very nearly every setting on a Windows computer (or group of computers, or all your computers) through it.

Share:
10,484

Related videos on Youtube

Shurmajee
Author by

Shurmajee

If you think technology can solve your security problems, then either you don't understand the problems or you don't understand the technology.

Updated on September 18, 2022

Comments

  • Shurmajee
    Shurmajee over 1 year

    I have been playing around with windows server and Active directory for quite some time. One can simply add a new user in AD and then add the client to the domain. this will create a domain account for the user.

    I wonder what is the need to add computers to the domain in the server manager? Why adding a user to the domain is not enough?

    I have searched on this topic but all the references talk about how to but I am looking for why to?

  • Shurmajee
    Shurmajee about 11 years
    what if the computer and user both have different set of security policy associated with them? which of them gets priority
  • Shurmajee
    Shurmajee about 11 years
    if i am adding a user to a domain then some other user of the domain can also login to the domain through that computer, Without really adding that computer
  • Keltari
    Keltari about 11 years
    restrictions always take precedence.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I see all users of domain in this PC?
How to Get user info from different domain
Cannot open any applications on windows server 2008 R2 Standard edition
Windows Server 2008 Domain alias for users to log on to?
Does "User name may not be same as computer name" apply to active directory user names
Certificate Not showing on the Web console
Reset AD Domain Administrator Password
How can I view all files on each of the computers in my Domain?
Adding another domain controller to a small 2008R2 network: steps I am missing(?)
username.domain profile in AD environment