During an offline domain join, a computer is configured to join a domain without contacting a domain controller
With Windows 7 and Windows Server 2008 R2, that process gets a bit shorter with the release of Microsoft’s Offline Domain Join tool djoin.exe. This tool enables Windows 7 or Windows Server 2008 R2 computers to join a domain without needing to communicate with a domain controller (at least, at first). Exceptionally useful for massive desktop rollouts, this tool comes in particularly handy when automating the deployment of virtual desktops. Here’s how you’ll use it:
Step one requires the use of a domain-joined computer. This computer, which will be referred to as the provisioning computer, works with a domain controller to pre-populate information about the offline computer. From the provisioning computer, run the following command to create the necessary provisioning file:
djoin /provision /downlevel /domain <domainName> /machine <offlineMachineName> /machineou <TargetOuToCreateAccount> /savefile <fileNameWithTxtExtension>
Running this command creates a text file that includes the necessary information for later adding this computer to the domain (as we are using Server 2003, I need to use the /downlevel switch which allows support for Windows Server 2008 DC or earlier).
Step two involves copying the file you created in step one to the client computer, which has not been joined to the domain.
Step three completes the process by ingesting the information in the copied file into the offline client. This is done by running the following command on the offline client computer:
djoin /requestODJ /loadfile <fileNameWithTxtExtension> /windowspath %SystemRoot% /localos
Once complete here, reboot the computer to join it to the domain. You can further automate this process by adding a little scripting around the domain join steps, or even including its information in an unattend.xml file.
Note: Don’t try and run this same piece of import code for other machines. The djoin import is unique to the PC name, therefore you will create a conflict. I found this out the hard way by getting “The trust relationship between this workstation and primary domain failed.” Error. If you do get this error message simply run through “My Computer -> Properties -> “Network ID” Wizard” or remove it from the domain and rejoin.
Source: http://nexus.realtimepublishers.com and technet.microsoft.com