In some cases, you may need to join a machine containing a Directories Management connector to a domain.

About this task

For Active Directory over LDAP directories, you can join a domain after creating the directory. For Active Directory (Integrated Windows Authentication) directories, the connector is joined to the domain automatically when you create the directory. In both cases, you must supply the appropriate credentials.

To join a domain, you need Active Directory credentials that have the privilege to "join computer to AD domain". This is configured in Active Directory with the following rights:

  • Create Computer Objects

  • Delete Computer Objects

When you join a domain, a computer object is created in the default location in Active Directory.

If you do not have the rights to join a domain, or if your company policy requires a custom location for the computer object, you must ask your administrator to create the object and then join the connector machine to the domain.

Procedure

  1. Ask you Active Directory administrator to create the computer object in Active Directory, in a location determined by your company policy. Provide the host name of the connector, Ensure that you provide the fully-qualified domain name. For example: server.example.com

    You can find the host name in the Host Name column on the Connectors page in the administrative console. Select Administration > Directories Management > Connectors

  2. After the computer object is created, click Join Domain on the Connectors page to join the domain using any domain user account available in Directories Management.