Some digression. Before I go to deployment my first VM – “Enterprise Windows 10“, that in future I use for some enterprise things, I need some preparation. In our organization users, cannot join device to domain. First we need to create Active Directory (forest level 2012 R2) object “Computer“, set name and set user or users group who permit join. Let’s go.

1. Run your “Active Directory – users & computers” console (from Domain Controller or Client PC, for example Windows 10 1607 with RSAT). Go to target “Organization Unit” (by expanding your tree);

adpccr12. Right Mouse Button click on the “Organization Unit” or in the “Organization Unit” (on free space) and select “New“, after in list select “Computer“;

adpccr23. Next fill parameters:

“Computer name” – name of device in domain (future device name). With accordance your coprorate politics about devices names;

“User or group” – select, who join device to domain (credentials entered on device when joining to domain);

After fill parameters – press “OK”;

adpccr34. Check completed steps;

adpccr4We make preparations and can go to windows deployment and domain joining.