Guide Index

Quick Links
Connecting DOS/Windows Clients to a Domain Controller

Once you've got your domain controller working, perhaps inside some isolated network like a VLAN, you can start getting your old client machines connected to it. This is a very simple process, but varies between operating systems.


MS-DOS does not come with its own networking client, but you can install Microsoft Network Client 3.0 on later versions of MS-DOS. I would do 5.0 at the earliest, but 3.30 will probably work as well.

MS Client 3.0 setup information

Once you reach the screen that asks you to change some names and other network options as pictured above, you'll want to select Change Names.

MS Client 3.0 setup, change names (domain name is STORM here)

Set the user name to what you will be using to log on to your domain, as the domain controller will check it to see if it exists in the user database. Give your computer a unique name in the network, and set the domain name to what you assigned to the domain controller you set up.

MS Client 3.0 setup, change options (logon to domain is set)

Once that's done, select the menu Change Setup Options. There are a couple of options here that you should be mindful of: which redirector to use, and whether to use logon validation. To get the full benefits of a domain logon, you should use the full redirector, and set the Change Logon Validation option to Logon to Domain.

Do be mindful, though, that the full redirector will take up more conventional memory, which can prevent you from running certain DOS programs. If you need plenty of conventional memory at times, either use the basic redirector or modify CONFIG.SYS to load a boot menu with separate configurations for networking and memory conservation (only available in MS-DOS 6.x and later). The full redirector is not compatible with 8088 CPUs.

MS Client 3.0 setup, change network configuration

Don't forget to select Change Network Configuration afterwards to ensure your network card is loaded with the protocols you need. Only IPX is loaded by default. You may need to load the NetBEUI or TCP/IP protocol depending on what each server in your network is using. Remember, you can press the tab key to move between the two boxes on this screen.

Run through the rest of the setup program like so, reboot, and you should be able to log on to the network. To avoid getting pestered about a password list file, you can type Y when prompted about this to have one saved on your machine.

If a logon script doesn't execute, you'll have to start mapping network drives to vacant drive letters which will point to your file shares. This can be done with a command like:


MS Client 3.0 disk connections popup

Alternatively, you can just type NET to get a popup dialog on your screen; there, you can browse for shares and map them to drives in a very visualway.

MS Client 3.0 on real hardware, list of shares on HORNET

Windows for Workgroups 3.11

If you are using plain Windows 3.1, the aforementioned network client for MS-DOS needs to be used. Windows for Workgroups 3.11, on the other hand, comes with its own protected mode networking. Do not confuse this with Windows 3.11; this one is labeled "for workgroups" for a reason.

If you haven't set up any network drivers, you should do so by opening Network Setup in the Network program group.

Microsoft Windows Network dialog

Open the control panel; there you will find the Network item. Select that. A dialog will pop up which will let you set some options for logging on to the network. What's most important here is the startup settings dialog, which can be opened by clicking Startup under the Options section.

Microsoft Windows Network startup settings dialog

On this dialog, there is a section labeled Options for Enterprise Networking. There, you should check the box Log On to Windows NT or LAN Manager Domain. Specify the name of the domain you want to connect to in the text box. It would also be good to check the box Don't Display Message on Successful Logon, as all that does is say "corngratulation you log on". You don't need that dialog. If you can't log on to the domain, Windows will tell you so.

Click OK on all dialogs, and restart Windows. Log on with the credentials required for your domain. You may need to enter them multiple times, first for actually logging on, another for creating a password list file, and yet another specifically for the domain. So, you may have to enter your password three times, much like in the MS-DOS network client. It's fun!

Connect Network Drive dialog

If you've logged on successfully, any logon script you've placed on the server should execute, mapping any network drives you've put there. Otherwise, you can map network drives in the File Manager by going to Disk > Connect Network Drive.

Windows NT 3.x

Windows NT 3.51 Network Settings

When you're installing Windows NT, you're given the opportunity to join a domain during Setup. If you don't right there and then, you can always do so later by going to the network control panel. In the Network Settings dialog, click the Change button on the Workgroup line (this will read Domain if you've already joined a domain previously.)

Windows NT 3.51 Domain/Workgroup Settings

In the Member of section, select the Domain option and type the name of your domain. You may also wish to tick the box Create Computer Account in Domain. This is useful for having administrative privileges on the local computer as you log on to the domain.

Welcome to the STORM domain.

If you see a dialog confirming your machine has been joined to the domain, click OK on all the dialogs and restart the computer. Mapping network drives works exactly the same as in Windows for Workgroups 3.11.

Windows 95, 98, ME

Windows 95 network control panel

Assuming your network driver is already loaded, there should be a network component labeled "Client for Microsoft Networks" installed. If there isn't, add that now. Double click the component (or click Properties with it selected) and check the box labeled Log on to Windows NT domain.

Client for Microsoft Networks Properties (STORM domain specified)

Type the name of the domain you're going to connect to, click OK on both dialogs, and restart the computer. When you log back in, a third line in the logon dialog should appear which specifies the domain to log onto. Log on with valid credentials for your domain, and you should now be able to access shared resources on the domain by either mapping a network drive or browsing the Network Neighborhood.

Windows 95 network identification properties

If you cannot browse the network in the Network Neighborhood, you should go back to the network control panel, click the Identification tab, and set the Workgroup value to match the name of your domain. If you don't see the Microsoft Networking logon dialog on startup, set the Primary Network Logon setting to Client for Microsoft Networks or delete any unwanted client components.

The process is consistent across all versions of Windows 9x, and even works on Windows ME, an operating system that was never meant to be used in an enterprise setting.

Windows NT 4.0

Windows NT 4.0 network control panel

If you haven't already joined a domain during Windows NT 4.0 Setup, you can do so by opening the network control panel. On the first tab labeled Identification, click the Change button.

Identification changes dialog

In the Member of section, select the Domain option and type the name of the domain to connect to in the box. You may also check the box Create a Computer Account in the Domain and type a user name and password valid for the domain; this account should have permission to join workstations to a domain. When you log on to the workstation with this account, you'll have administrative privileges on the local machine.

After specifying the settings, restart the computer, select the new domain from the drop down menu in the logon dialog, and log on with your credentials.

Windows 2000

Windows 2000 system properties, network identification tab

Joining a domain in Windows 2000 and later versions of Windows that primarily expect an Active Directory-style domain is interesting since there are two ways one could go about joining a workstation to a domain. Whichever way you do it, you first have to right click My Computer and select Properties, or go to the System control panel.

Identification Changes dialog

One way to go about it is to click Properties, select the Domain option, and type the name of the domain you're connecting to. You will be prompted to specify the username and password of an account that has permission to join a workstation to the domain.

Network Identification Wizard

The other way to do it is by clicking Network ID. This wizard will join your computer to a domain and create a local account which you can assign administrative privileges to.

Network ID Wizard - connecting to the network

When you click Next, use the option This computer is part of a business network. On the next step, select the option My company uses a network with a domain.

Network ID Wizard - user account and domain information

Eventually, you'll reach a dialog that asks you to specify the credentials of a valid user on the domain which is authorized to join workstations to the domain. After entering the logon credentials, specify the name of the domain you're connecting to in the box, and click Next.

Network ID Wizard - computer domain

It's likely that the wizard will complain that it can't find an account for your computer on the domain. If you encounter this, type the name of your computer followed by the name of the domain. Click Next.

Network ID Wizard - domain user name and password

Now, type the logon credentials again... sound familiar?

Network ID Wizard - user account

Now, you can specify the user account you want to have loaded into the workstation's local user database.

Network ID Wizard - access level

You can then assign this user to a group, which will determine the level of local privileges the account has on the machine. I set this to Administrators so as to allow unrestricted control over the computer, which can be helpful for managing the computer and installing software.

That's all there is to the Network Identification Wizard. You'll need to restart the computer, and then you can log on to the domain with any valid account.