Some budgets don’t allow smaller offices to have their own domain controllers, yet you still need to make sure computers are getting up-to-date policies from your domain. I’ll show you a quick way to add a computer to a domain over a site-to-site VPN tunnel.
The first thing you want to do is make sure that your PC can reach your domain controller. Run a quick nslookup against your domain controller of choice.
If you have a basic setup, the response you should get will look similar to this:
Server: unknown
Address: 192.168.5.1

Name: dc1
Address: 192.168.1.5
The address for the server should show the gateway of the computer the command is being run from, and the address for dc1 should just be its actual IP address.
Active Directory Sites and Services
After verifying that we can reach our domain controller, we want to set up Sites and Services. Open up Active Directory Sites and Services on your domain controller. We want to create a new site and a new subnet. The dialogs for both of these options are very straightforward. You’re going to want to create a subnet and site for both the remote and local locations. Once created, your domain controllers and clients will know what domain controller to route requests to.
The last portion of the setup is setting up a DHCP scope. You need to create a new scope with the remote location’s subnet. You can use whatever options you wish for your scope options. The only mandatory options you need are Router (the remote location’s router IP), DNS Domain Name (your domain name) and DNS Servers (list of DNS servers at your main site). After setting this up, you want to log into the remote location’s router and set up DHCP Relay to use the domain controller from your main site. Once you do that, open up cmd and renew your IP address to get new settings from your domain controller:
ipconfig /release && ipconfig /renew
Test it out!
Now that we have finished all of that setup, we can test it out by attempting to join a domain. Open up PowerShell on the computer you want to join to your domain and run the following command:
Add-Computer -DomainName "mydomain.com" -Restart -Force
That command will add the current computer to the specified domain and restart it so the changes apply. Check out this post to get more details about the command.
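A pre-join check for the steps above, added here as an example and not part of the original post: run it on the remote PC before Add-Computer to confirm that DHCP handed out the main-site DNS server, that the domain controller locator record resolves, and that the tunnel passes the TCP ports a domain join commonly uses. The domain name and DC address are taken from the post; the function name Test-DomainJoinReadiness and the port list are assumptions of this example.

```powershell
# Added example (not from the original post). Run on the remote PC.
$DomainName = 'mydomain.com'   # domain used in the post
$DcAddress  = '192.168.1.5'    # dc1 from the nslookup output in the post

# Assumed list of TCP ports commonly needed for a domain join.
# Test-NetConnection checks TCP only; DNS and Kerberos also use UDP,
# and RPC negotiates additional dynamic ports after 135.
$Ports = [ordered]@{
    DNS      = 53
    Kerberos = 88
    RPC      = 135
    LDAP     = 389
    SMB      = 445
}

function Test-DomainJoinReadiness {   # hypothetical helper name
    param([string]$Domain, [string]$Dc, $PortMap)
    $results = @()

    # 1. The DHCP scope should have delivered the main-site DNS server.
    $dns = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses
    $results += [pscustomobject]@{ Check = 'DNS server from DHCP'; Pass = ($dns -contains $Dc) }

    # 2. The DC locator SRV record must resolve, or the join cannot find a DC.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction SilentlyContinue
    $results += [pscustomobject]@{ Check = 'DC locator SRV record'; Pass = [bool]$srv }

    # 3. Each required TCP port must be reachable through the VPN tunnel.
    foreach ($svc in $PortMap.GetEnumerator()) {
        $open = Test-NetConnection -ComputerName $Dc -Port $svc.Value `
                    -InformationLevel Quiet -WarningAction SilentlyContinue
        $results += [pscustomobject]@{ Check = "TCP $($svc.Value) ($($svc.Key))"; Pass = $open }
    }
    $results
}

$report = Test-DomainJoinReadiness -Domain $DomainName -Dc $DcAddress -PortMap $Ports
$report | Format-Table -AutoSize

if ($report.Pass -contains $false) {
    Write-Warning 'Fix the failed checks (DHCP options, DNS, or tunnel firewall rules) before running Add-Computer.'
} else {
    Write-Output 'All checks passed. The computer is ready for Add-Computer.'
}
```

A failed port check points at the tunnel's firewall rules rather than at Active Directory, which helps keep the allowed traffic between sites limited to what the join actually needs.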