Hi G. K r e n i k,
I’m following up to check whether the issue has been resolved. Feel free to reply if you need further information. If the information provided was helpful, please click "Accept Answer" to help others in the community. Thank you!
server 2019 join domain after disabling ipv6
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 74%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGK%3C/text%3E%3C/svg%3E)
G. K r e n i k
1
Reputation point
Last year we disabled ipv6 in order to join win10 to 2019 domain. This year, a few win 11 computers were able to join after disabling IPv6. This month, that "disable" work-around no longer works.
What is the preferred method or work-around to get these clients to join domain?
an fyi, years ago we had an easy link on client ....I miss not having that link!
Windows for business | Windows Server | Networking | Other
3 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 86%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJN%3C/text%3E%3C/svg%3E)
Jason Nguyen Tran 12,945 Reputation points Independent Advisor2026-03-05T07:18:03.0666667+00:00 -
Jason Nguyen Tran 12,945 Reputation points Independent Advisor
2026-03-02T23:19:17.52+00:00 Hi G. K r e n i k,
Disabling IPv6 was never the preferred method for domain joins, but in some cases it appeared to bypass certain configuration issues. With newer versions of Windows 11 and updated domain controllers, that approach is no longer reliable, which is why you’re seeing inconsistent results now.
The recommended method is to leave IPv6 enabled, as Microsoft fully supports IPv6 in modern domain environments. Instead, please ensure that DNS is correctly configured on your clients, pointing to your domain controller’s DNS server. Misconfigured DNS is the most common reason domain joins fail. Also, verify that your domain controller and clients are on the same network segment and that firewall rules allow domain traffic (Kerberos, LDAP, etc.).
If you continue to have trouble, you can use the System Properties > Computer Name > Change option to join the domain, or run the PowerShell command
Add-Computer -DomainName <yourdomain>with administrator rights. These are the supported ways to join, and they don’t require disabling IPv6. I know you mentioned missing the old easy link, that was part of earlier versions of Windows, but the supported tools now are System Properties and PowerShell.I hope this helps you move forward smoothly. If you find this answer helpful, please consider clicking Accept Answer so others can benefit too.
Jason.
-
Q&A Assist2026-03-02T22:17:17.87+00:00 AI generated content. This question contains an answer created with AI from Q&A Assist. Learn moreIPv6 should not be disabled to make domain joins work. IPv6 is a mandatory part of modern Windows versions, and the recommended approach is to fix the underlying networking/AD/DNS issue rather than rely on disabling IPv6 as a workaround.
Preferred approach:
- Re‑enable IPv6 on clients
- Ensure IPv6 is not disabled via the
DisabledComponentsregistry value at:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents. - If it was set to
0xFF(255) or another non‑default value, set it back to0(or use the “Prefer IPv4 over IPv6” value0x20if needed) and reboot. - This keeps IPv6 functional while allowing IPv4 to be preferred, which is the recommended configuration.
- Ensure IPv6 is not disabled via the
- Prefer IPv4 instead of disabling IPv6
- To prefer IPv4 over IPv6, configure
DisabledComponentsto decimal32(hex0x20). - After reboot, verify that IPv4 is preferred:
- Run
ping <your-domain>orping bing.comand confirm an IPv4 address is returned. - Run
netsh interface ipv6 show prefixpoliciesand ensure the::ffff:0:0/96prefix has higher precedence than::/0.
- Run
- To prefer IPv4 over IPv6, configure
- Fix the actual domain join problem (DNS/AD)
When domain join fails, the primary cause is usually DNS/AD connectivity, not IPv6 itself. Use the standard domain join troubleshooting steps:
- Verify correct DNS configuration on the client:
- Preferred DNS server must be a DNS server that hosts or can resolve the AD domain zone.
- Ensure the domain name and domain controllers can be pinged.
- Confirm domain controllers and DNS are reachable:
- Use
nltest /dsgetdc:<DNS domain name> /forceornltest /dsgetdc:<netbios domain name> /forceto verify a DC can be located.
- Use
- Check
C:\Windows\Debug\netsetup.logon the client for detailed join errors. - Ensure required ports between client and DC are open (per AD domain join requirements).
- Verify correct DNS configuration on the client:
- Join the domain using supported methods
- Use GUI (Server Manager / Control Panel → System → Change settings → Domain) or command line:
netdom join %COMPUTERNAME% /domain:YourDomainName /userd:DomainUsername /passwordd:* - After a successful join, reboot the client.
- Use GUI (Server Manager / Control Panel → System → Change settings → Domain) or command line:
- Consider domain join hardening changes
- Recent updates (KB5020276) introduce domain join hardening. If reusing existing computer accounts, ensure the joining user is either the creator of the account or a domain admin, or adjust the process so a domain admin creates/joins the computer as required.
Summary: Re‑enable IPv6, optionally configure “Prefer IPv4 over IPv6,” then focus on DNS/AD connectivity and use standard domain join procedures. Disabling IPv6 is no longer recommended and can break Windows components.
References:
- Re‑enable IPv6 on clients