Bah.
Powershell - it'll prompt for your password:
remove-computer -credential [email protected] -passthru -verbose
add-computer -domainname example.org -credential
[email protected] -oupath
"ou=workstations,ou=computers,ou=us,dc=example,dc=org
restart-computer
Kurt
On Tue, Mar 18, 2014 at 11:37 AM, Free, Bob <[email protected]> wrote:
> Similar discussion on activedir a couple years ago. Bonnie may have been
> involved, don't recall.
>
> I had this in my notes from one of the Brians
>
> "Login to the afflicted computer as a local admin, disjoin the domain--but
> enter bogus domain credentials, so the computer's domain account doesn't get
> whacked--don't reboot yet or fully leave the computer naming dialog, and then
> rejoin and reboot.
>
> Alternatively, skip moving it to a workgroup altogether and just change the
> domain from the NetBIOS name to the FQDN or vice versa. So, if your computer
> is in a domain called Company, just change the name to company.com, enter
> creds and done."
>
> Finally for fixing and more importantly, understanding, things like this
> there's always joe.
> http://blog.joeware.net/2012/06/05/2508/
>
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Ben Scott
> Sent: Monday, March 17, 2014 7:17 PM
> To: [email protected]
> Subject: [spam] [dkim-failure] Re: [NTSysADM] Rejoin Computer to Domain
> Without Removing
>
> On Mon, Mar 17, 2014 at 4:44 PM, Charles Sullivan <[email protected]>
> wrote:
>> Is there a way I can rejoin a computer to the domain without first
>> removing it? This would be for a scenario where the computer object
>> has been removed, or something similar to that.
>
> Procedure I use is:
>
> 1. Log on to computer as local admin
> 2. Tell computer to leave the domain
> 2a. Give it bogus credentials when it prompts for an account to connect to
> the domain with 2b. Don't reboot 3. Tell computer to join domain 3a. Give it
> proper credentials this time 3b. Reboot when prompted
>
> Item 2a is to prevent the computer from removing anything from Active
> Directory. That way, when you (re)join it, there's a greater chance that
> things will still be there.
>
> Item 2b is to prevent the computer from ever acting on the fact that it's
> not a domain member anymore (and uninstalling software, reversing Group
> Policy, screwing up permissions, etc.).
>
> One could unplug the network cable for step 2 instead, I suppose.
>
> Credit to Bonnie Miller for the idea.
>
> -- Ben
>
>
>
>
> PG&E is committed to protecting our customers' privacy.
> To learn more, please visit http://www.pge.com/about/company/privacy/customer/
>
>
