Domain plugin for Take Command / TCC / TCC/LE
beta version 0.64.3.6 2024-10-07
Charles Dye
Purpose:
This plugin helps manage workstations on network domains. It adds a new
command DOMAIN
to
join and leave domains, and several new functions
and internal variables to report the computer’s
current network membership status.
Installation:
To use this plugin, copy Domain.dll
and Domain.chm to some known location on your
hard drive. (If you are still using the 32-bit version of Take Command, take
Domain-x86.dll instead of
Domain.dll.) Load the plugin with a
PLUGIN /L
command, for example:
plugin /l c:\bin\tcmd\test\domain.dll
If you copy the .DLL file to a subdirectory named PlugIns within your Take Command program directory, the plugin will be loaded automatically when TCC starts.
Plugin Features:
New commands:
DOMAIN
,
DOMAINHELP
,
LISTOUS
New functions:
@DC
,
@PDC
,
@RANDX
New variables:
_COMPNAME
,
_DOMAINDNS
,
_DOMAINFOREST
,
_DOMAINMEMBER
,
_DOMAINNB
,
_DOMAINROLE
,
_NBCOMPNAME
,
_PDC
,
_WORKGROUP
Syntax Note:
The syntax definitions in the following text use these conventions for clarity:
BOLD CODE | indicates text which must be typed exactly as shown. |
CODE | indicates optional text, which may be typed as shown or omitted. |
Bold italic | names a required argument; a value must be supplied. |
Regular italic | names an optional argument. |
ellipsis… | after an argument means that more than one may be given. |
New Commands:
DOMAIN
— Join or leave a
network domain, or display the current domain membership status.
Syntax:
DOMAIN
domain /DS /L /OU:"
path" /P:
password /PDC /R /S:
server /U:
user /W /X /Y
/DS | delete the startup shortcut if successful |
/L | leave; remove the computer from the domain |
/OU:" path" | Full RFC 1779 path of the organizational unit to join |
/P: password | password for the administrative account |
/PDC | use the primary domain controller |
/R | reboot if the operation is successful |
/S: server | name of the server (domain controller) to use |
/U: user | administrative account to perform the operation |
/W | join a workgroup, not a domain |
/X | join even if computer is already part of a domain |
/Y | do not prompt before joining or leaving |
domain | name of the domain to join or leave |
If neither /L
nor a domain is
specified, the computer’s current domain membership status will be
displayed.
Use /L
to leave (“unjoin”) a domain. If you
specify both /L
and a domain, then
the domain must match the computer’s
current domain name. You can bypass this safety check by omitting the
domain.
If you specify /P:*
or if you give a user
name without a password, you will be prompted to
enter the password interactively.
By default, you will be prompted before joining or leaving a domain.
/Y
suppresses the prompt. If you specify /R
, the
computer will automatically reboot after a successful join or leave.
/R
and /Y
together will reboot with no chance to
cancel!
/OU
allows you to specify the organizational unit within the
domain you are joining. Give the full path, in RFC 1779 format, from the
innermost to the outermost unit; for example,
/OU:"ou=sales,ou=staff,dc=now99,dc=com"
. Alternatively, you can
pass the path as \
top-org\
sub-org…
(with a leading backslash) and the plugin will attempt to mangle it into
RFC 1779 format for you automatically. Do not use this option unless you
truly need to join a specific OU.
If /DS
is specified and a domain join or leave succeeds,
DOMAIN
will delete the shortcut used to launch TCC or the current
batch file. This option is not likely to be useful at the prompt! It’s
intended for use in turnkey batch files to join a computer to a domain, on the
theory that such a batch file will usually be called only once (after a
workstation is freshly imaged).
This command calls the NetJoinDomain() API.
domain mydomain /u:mydomain\machodude /p:Seekr3t /r /y
Return codes:
0 | success |
0 | syntax request via /? |
1 | syntax or usage error |
2 | the requested operation failed |
— | if the operation succeeded and /R was specified, DOMAIN will not return |
DOMAINHELP
— Open the
Domain plugin help file.
Syntax:
DOMAINHELP
topic
topic | the page to display |
The DOMAINHELP
command will locate and open this
plugin’s help file. In most cases, the internal HELP
command, and the F1 and Ctrl-F1 keys, will be more convenient. The sole
advantage to this command is that it can be used to open the help file to
any desired topic, not only to the names of commands, functions, and
variables.
LISTOUS
— List available
Organizational Units in a domain.
Syntax:
LISTOUS
domain /I /L /P:
password /U:
user /W:
wildspec /X:
wildspec
/I | parse RFC 1779 strings into intuitive format |
/L | display line numbers |
/P: password | password for the administrative account |
/U: user | administrative account to perform the operation |
/W: wildspec | include only OUs matching wildspec |
/X: wildspec | exclude OUs matching wildspec |
domain | name of the domain to examine |
If no domain is specified, the computer’s current domain will be used by default.
New Functions:
@DC
— Returns the number of
controllers or the name of one controller for a domain.
Syntax:
%@DC[
index,
domain]
index | 0 returns the number of controllers; 1 — n returns the name of a controller |
domain | if the computer is a member of a domain, this parameter is optional |
set n=%@dc[0]
iff %n gt 0 then
do i = 1 to %n
echo %i %@dc[%i]
enddo
endiff
@PDC
— Returns the name of the
primary domain controller for the specified domain.
Syntax:
%@PDC[
domain]
domain | if the computer is a member of a domain, this parameter is optional |
echo %@pdc[world.example.org]
@RANDX
— Returns a string of
random hex digits.
Syntax:
%@RANDX[
n]
n | the number of digits; defaults to 8 |
This utility function has nothing to do with domain membership. It is provided as a quick-and-dirty means of generating strings of a desired length, for creating computer names and the like.
echo %@randx[5]
New Variables:
_COMPNAME
— Returns
the computer’s name.
Syntax:
%_COMPNAME
This variable returns the fully qualified DNS name of the computer, including the domain name if any.
echo %_compname
_DOMAINDNS
— Returns the
domain’s DNS name.
Syntax:
%_DOMAINDNS
If the computer is not joined to a domain, this variable returns an empty string.
iff "%_domaindns" != "" then
echo %computername is a member of %_domaindns
else
echo %computername is not a member of a domain.
endiff
_DOMAINFOREST
— Returns
the domain’s forest name.
Syntax:
%_DOMAINFOREST
If the computer is not joined to a domain, this variable returns an empty string.
iff "%_domainforest" != "" then
echo %computername is a member of %_domainforest
else
echo %computername is not a member of a domain.
endiff
_DOMAINMEMBER
— Returns
1 if the computer is a member of a domain, or 0 otherwise.
Syntax:
%_DOMAINMEMBER
if %_domainmember == 1 echo Already joined to a domain!
_DOMAINNB
— Returns
the NetBIOS domain or workgroup name.
Syntax:
%_DOMAINNB
iff %_domainmember == 0 then
echo %computername is a member of workgroup %_domainnb
else
echo %computername is a member of a domain %_domaindns.
endiff
_DOMAINROLE
— Returns a
string describing the computer’s network role.
Syntax:
%_DOMAINROLE
Possible return values include:
Standalone_Workstation | not a member of a domain |
Member_Workstation | |
Standalone_Server | not a member of a domain |
Member_Server | |
Backup_Domain_Controller | |
Primary_Domain_Controller | |
Unknown | can’t happen? |
echo %computername is a %_domainrole.
_NBCOMPNAME
— Returns the
computer’s NetBIOS name.
Syntax:
%_NBCOMPNAME
This variable will generally return the same value as the
COMPUTERNAME
environment variable.
echo %_nbcompname
_PDC
— Returns the
name of the primary domain controller.
Syntax:
%_PDC
The returned name will begin with a double backslash. On any error, or if the computer is not joined to a domain, this variable will return an empty string.
echo %_pdc
_WORKGROUP
— Returns the
name of the computer’s workgroup.
Syntax:
%_WORKGROUP
If the computer is a member of a domain, this variable returns an empty string.
echo %_workgroup
Startup Message:
This plugin displays an informational line when it initializes. The
message will be suppressed in transient or pipe shells. You can disable it
for all shells by defining an environment variable named NOLOADMSG
,
for example:
set /e /u noloadmsg=1
Status and Licensing:
Consider this beta software. It may well have issues. Try it at your own risk. If you find a problem, you can report it in the JP Software support forum.
Domain is currently licensed only for testing purposes. I may make binaries and source code available under some free license once I consider it ready for use.
Download:
You can download the current version of the plugin from https://charlesdye.net/dl/domain.zip.