Deleted computer account

Guest · Jul 31, 2004

I deleted a computer account from AD by mistake while that computer was signed on to the domain. Now I cant get that machine back on the domain. I have tried everything I can think of, adding it back in AD, running NETDOM from the workstation in question, etc. Nothing works, from the workstation I cant leave or join the domain (access Denied). With NETDOM I get "the machine account password for the local machine could not be reset. The specified domain either does not exist or could not be contacted". Am I going to have to reformat this workstation to get it back on the domain? Any help would be great!

Jim

Brian Desmond [MVP] · Jul 31, 2004

Jim,

This sounds like it might be a DNS issue on the workstation, have you tried
running netdiag on it and making sure its pointed at your DCs? Are you
logged in as a local admin?

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com

ramblreb said:
I deleted a computer account from AD by mistake while that computer was

signed on to the domain. Now I cant get that machine back on the domain. I
have tried everything I can think of, adding it back in AD, running NETDOM
from the workstation in question, etc. Nothing works, from the workstation I
cant leave or join the domain (access Denied). With NETDOM I get "the
machine account password for the local machine could not be reset. The
specified domain either does not exist or could not be contacted". Am I
going to have to reformat this workstation to get it back on the domain? Any
help would be great!

Guest · Jul 31, 2004

Yes I am logged on as local admin on the work station. In netdiag everything passes except for trust relationship (secure channel is broken, ERROR_ACCESS_DENIED) and LDAP (SNPs not registered on any DCs)

Jim

Guest · Jul 31, 2004

FYI

I am running a one server LAN, it is my PDC, DHCP, DNS and WINS server.

Jim

Guest · Aug 1, 2004

oops, I ment SPNs not SNPs.

Brian Desmond said:
Jim,

This sounds like it might be a DNS issue on the workstation, have you tried
running netdiag on it and making sure its pointed at your DCs? Are you
logged in as a local admin?

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com

signed on to the domain. Now I cant get that machine back on the domain. I
have tried everything I can think of, adding it back in AD, running NETDOM
from the workstation in question, etc. Nothing works, from the workstation I
cant leave or join the domain (access Denied). With NETDOM I get "the
machine account password for the local machine could not be reset. The
specified domain either does not exist or could not be contacted". Am I
going to have to reformat this workstation to get it back on the domain? Any
help would be great!

Guest · Aug 1, 2004

Oops I ment SPNs not SNPs.

Brian Desmond said:
Jim,

This sounds like it might be a DNS issue on the workstation, have you tried
running netdiag on it and making sure its pointed at your DCs? Are you
logged in as a local admin?

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com

signed on to the domain. Now I cant get that machine back on the domain. I
have tried everything I can think of, adding it back in AD, running NETDOM
from the workstation in question, etc. Nothing works, from the workstation I
cant leave or join the domain (access Denied). With NETDOM I get "the
machine account password for the local machine could not be reset. The
specified domain either does not exist or could not be contacted". Am I
going to have to reformat this workstation to get it back on the domain? Any
help would be great!

Guest · Aug 1, 2004

Oops, I ment SPNs not SNPs

Brian Desmond said:
Jim,

This sounds like it might be a DNS issue on the workstation, have you tried
running netdiag on it and making sure its pointed at your DCs? Are you
logged in as a local admin?

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com

signed on to the domain. Now I cant get that machine back on the domain. I
have tried everything I can think of, adding it back in AD, running NETDOM
from the workstation in question, etc. Nothing works, from the workstation I
cant leave or join the domain (access Denied). With NETDOM I get "the
machine account password for the local machine could not be reset. The
specified domain either does not exist or could not be contacted". Am I
going to have to reformat this workstation to get it back on the domain? Any
help would be great!

Guest · Aug 1, 2004

Ok, Sorry about the repete posts, kept telling me my post failed.

I went in with adsiedit.msc and added the SPN to that workstation. Now netdiag fails at DC List Test (ERROR_REQ_NOT_ACCEP) and Trust Relationship (ERROR_ACCESS_DENIED)

Dave Shaw [MVP] · Aug 1, 2004

Very simple question. Do you have a recent backup?

Why don't you simply restore the server from a good backup and dispense with
all the angst?

-ds

Guest · Aug 1, 2004

The tape backup device has been down for some time now, lack of funds, so no I dont have a backup, I wish I did.

Jim

ptwilliams · Aug 1, 2004

If you don't have a backup and the account has been deleted from the domain,
boot the workstation up offline, logon as a local administrator and add the
machine to a workgroup. Reboot it back online and join it to the domain.

--

Paul Williams
_________________________________________
http://www.msresource.net

Join us in our new forums!
http://forums.msresource.net
_________________________________________

The tape backup device has been down for some time now, lack of funds, so no
I dont have a backup, I wish I did.

Jim

Guest · Aug 2, 2004

I wish it were that easy. With the network cable unpluged and logged on as local administrator I receive "The following error occurred attempting to unjion the domain mydomain.com:"

"Accress is denied"

ptwilliams · Aug 2, 2004

Hmmm...that's interesting...

Well if your prepared to format, you may want to try this first...

Trash networking. Remove the protocols and services and delete the NIC.
Reboot and reinstall networking...

--

Paul Williams
_________________________________________
http://www.msresource.net

Join us in our new forums!
http://forums.msresource.net
_________________________________________

I wish it were that easy. With the network cable unpluged and logged on as
local administrator I receive "The following error occurred attempting to
unjion the domain mydomain.com:"

"Accress is denied"

Guest · Aug 7, 2004

That did not work either.

ptwilliams said:
Hmmm...that's interesting...

Well if your prepared to format, you may want to try this first...

Trash networking. Remove the protocols and services and delete the NIC.
Reboot and reinstall networking...

--

Paul Williams
_________________________________________
http://www.msresource.net

Join us in our new forums!
http://forums.msresource.net
_________________________________________

I wish it were that easy. With the network cable unpluged and logged on as
local administrator I receive "The following error occurred attempting to
unjion the domain mydomain.com:"

"Accress is denied"

Guest · Aug 7, 2004

After a very long call to tech support it was determined that only a
reinstall will correct the problem.

Deleted computer account

Guest

Brian Desmond [MVP]

Guest

Guest

Guest

Guest

Guest

Guest

Dave Shaw [MVP]

Guest

ptwilliams

Guest

ptwilliams

Guest

Guest