Friday, July 23, 2010

Joining a machine to an Active Directory Domain across a Hamachi 2 VPN

OK. This is extremely geeky. I put this here just so others who might want to try this can find it. It is possible to join a machine to an Active Directory Domain across a Hamachi 2 VPN. A little bit of trickery is required, but it's actually pretty low-impact.

The first step is to make sure that the machine you'd like to join to the domain is a member of the same Hamachi network as the domain controller and that it can see the DC. Ping std.hamachi.logmein.com to get the IP address of the Hamachi intermediation server (I get 64.94.18.75). On the machine that is joining the domain, set the Local Connection DNS setting to the Hamachi IP address of your domain controller.

Now go into the Hamachi 2 client on the machine being joined to the domain. Go to Preferences, Settings, Advanced settings, Server connections, Server address and hardcode the IP address of the Hamachi intermediation server there. Hamachi should then be able to resolve and reconnect to the network. At this point, you can go ahead and join the machine to the domain.

The thing to keep in mind is if you ever lose the Hamachi network connection between these machines, check to see if the IP address of std.hamachi.logmein.com has changed and change that setting in Hamachi appropriately.
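The checks implied by the procedure above can be scripted. The following is an added example, not part of the original post: it verifies the preconditions before a join and detects when the hardcoded intermediation server address has gone stale. It assumes Windows 8 / Server 2012 or later (for `Resolve-DnsName`); the DC address and domain name are constructed placeholders, and the public resolver is the one suggested in the comments below.

```powershell
# Added example: pre-join and drift checks for the Hamachi + AD procedure.
# Parameter defaults are placeholders or assumptions; replace them with your own values.
param(
    [string]$DcHamachiIp    = '25.0.0.1',          # constructed placeholder: Hamachi IP of the DC
    [string]$DomainFqdn     = 'corp.example.test', # constructed placeholder: AD DNS domain name
    [string]$PinnedServerIp = '64.94.18.75',       # value from the post (2010); use what you typed into Hamachi
    [string]$PublicResolver = '8.8.8.8'            # queried by IP, so it works even with DNS pointed at the DC
)

$results = [ordered]@{}

# 1. The DC must be reachable across the Hamachi tunnel.
$results['DC answers ping over Hamachi'] =
    Test-Connection -ComputerName $DcHamachiIp -Count 2 -Quiet

# 2. The client's DNS must point at the DC's Hamachi address.
$dns = @((Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses)
$results['Client DNS points at the DC'] = $dns -contains $DcHamachiIp

# 3. The DC locator SRV record must resolve through the DC's DNS,
#    otherwise the domain join cannot find a domain controller.
try {
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainFqdn" -Type SRV `
                           -Server $DcHamachiIp -ErrorAction Stop
    $results['DC locator SRV record resolves'] = [bool]($srv | Where-Object { $_.Type -eq 'SRV' })
} catch {
    $results['DC locator SRV record resolves'] = $false
}

# 4. Drift check: compare the hardcoded intermediation server address with
#    what std.hamachi.logmein.com resolves to today.
try {
    $current = @((Resolve-DnsName -Name 'std.hamachi.logmein.com' -Type A `
                      -Server $PublicResolver -ErrorAction Stop |
                  Where-Object { $_.Type -eq 'A' }).IPAddress)
    $results['Pinned Hamachi server IP is current'] = $current -contains $PinnedServerIp
} catch {
    $results['Pinned Hamachi server IP is current'] = $false
}

# Report, and exit non-zero if anything failed so the script can gate a join.
$results.GetEnumerator() | ForEach-Object {
    '{0,-38} {1}' -f $_.Key, $(if ($_.Value) { 'OK' } else { 'FAIL' })
}
if (@($results.Values) -contains $false) { exit 1 }
```

Check 4 is also worth running on a schedule, since a changed address is the failure the post warns about after the join.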

11 Comments:

Anonymous Anonymous said...

Is this assuming you've installed Hamachi on the Domain Controller? What if Hamachi is installed on a different server than the domain controller?

10/14/2010 01:15:00 PM  
Blogger Corgi, Dr. of Ursinity, Prattling Pasha of Positivism said...

Yes. The DC has to be in the same Hamachi network as the machine you wish to join to the DC. I recently had some problems with this procedure with Server 2008 R2. I need to do some more testing but I haven't gotten around to it.

10/14/2010 05:53:00 PM  
Anonymous Anonymous said...

Gave it a try. Still can't contact DC. Hamachi resolves.
Any troubleshooting ideas?

9/03/2011 04:47:00 PM  
Anonymous Anonymous said...

I was able to join the domain; I just had to manually input the DNS of the domain on the Hamachi network connection.

Logging in after a reboot was tricky though... I couldn't log in as a network user (Hamachi not running yet?), so I logged in as a local user, then switched users and logged in as a domain user, and it worked.

The next login, I was able to log in as the domain user first, but I suspect that when the cached login limit is reached, I will need to log in locally and switch user again to reset it.

4/04/2012 11:01:00 AM  
Blogger aceth said...

I assumed Hamachi ran as a local system service? Maybe give it a few minutes before logging in... give time for Hamachi to start up and connect the domain services. Maybe?

7/13/2012 07:04:00 AM  
Anonymous Anonymous said...

I had to disable IPv6 on the client machine for this to work on a connection between a Server 2008 Domain controller and Windows 8 Pro Client.

12/07/2012 11:21:00 AM  
Anonymous Anonymous said...

I find that the option to make a gateway network has the best results.

I set up 2 x Server 2008 RDP virtual machines with VMware. I can connect them to each other no problem and even join 1 of them to a domain in another city, or another VM on the same PC.

My problem comes during dcpromo on the 2nd server: it gets to about 90% complete, then it says "RPC server unavailable".

Can you provide any assistance on how I can fix this? It's very important to me.

Thanks in advance.

11/12/2013 12:09:00 PM  
Blogger Chuck Bayless said...

When you hard-coded the IP in the Hamachi client preferences settings on the machine to be joined to the domain, must you also use the same IP for the DC as well?

1/16/2014 04:51:00 AM  
Blogger Corgi, Dr. of Ursinity, Prattling Pasha of Positivity said...

It's been a long time since I last did this, but no, it was not necessary to change any settings on the DC. Setting the client Primary DNS server to the Hamachi address of the DC allows the client to find the DC when it tries to join the domain. The change in the Hamachi settings allows the client to find the Hamachi intermediation server so it can establish a Hamachi connection. I haven't tried it, but you might be able to accomplish the same thing by setting Secondary DNS server on the client to 8.8.8.8 or some other public DNS server.

1/16/2014 07:54:00 AM  
