Closed PrzemyslawKlys closed 2 years ago
By default, In the Microsoft Active Directory, members of the authenticated user group can join up to 10 computer accounts in the domain. This value is defined in the attribute ms-DS-MachineAccountQuota on the domain-DNS object for a domain.
Get-ADObject -Identity ((Get-ADDomain).distinguishedname) -Properties ms-DS-MachineAccountQuota Set-ADDomain -Identity <DomainName> -Replace @{"ms-DS-MachineAccountQuota"="0"}
Users must have explicit permissions in Active Directory to join computers to a domain.
By default, In the Microsoft Active Directory, members of the authenticated user group can join up to 10 computer accounts in the domain. This value is defined in the attribute ms-DS-MachineAccountQuota on the domain-DNS object for a domain.
Users must have explicit permissions in Active Directory to join computers to a domain.