Join Remote Workstation to AD Domain with Zscaler ZPA

Users located outside of corporate network can refer to the steps below on how to join remote workstation to AD Domain with Zscaler ZPA

Add Ports to Application Segments

Add all the ports required following Firewall Ports Required to Join AD Domain in ZPA Application Segments

Install Zscaler App with local Administrator Account

Download and install Zscaler App 1.5X from ZPA Admin Portal in Zscalar App Store

Login ZPA with valid credential and verify

  • Service Status of Private Access is ON
  • Can access to cooperate resources, like file server via FQDN

Join to AD Domain

Join to AD Domain remotely with ZPA connection established with Domain Administrator.

Add Cached Credential

You will get the following error message if you try to login with Domain Credential for now

Prepare the Cached Credential for Domain User Account and logoff from Zscaler App.

$User = "Aventislab\zpa"
$Password = "[email protected][email protected]#$"

$SecurePassword = ConvertTo-SecureString "[email protected][email protected]#$" -AsPlaintext -Force
$UserCredentials = New-Object System.Management.Automation.PSCredential -ArgumentList @($User,$SecurePassword)
Start-Process -FilePath 'CMD.EXE' -ArgumentList '/C ECHO' -Credential $UserCredentials -LoadUserProfile

Reboot the workstation again

Login with Domain Credential

Login with Cached Domain Credential

Login to Zscaler App again with Remember Me checked

Lastly, reboot again for Domain computer & User GPO to be applied.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top