Rejoing a domain

[Guest]

We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.

 

[Dave]

yes, you take the computer back to the network where the domain exists and
beg the IT people to put it back for you.

 

[Richard G. Harper]

With perhaps a little less sarcasm than Dave dispensed, that's about your
only option if you don't know the administrator login for the computer.
Have the IT staff help you re-join it to the domain, then let them know you
need to use it outside the network and have them help you correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Bill]

If this computer is to on different networks then I
suggest that you look at a product called MultiNetwork
Manager it's ideal when switching between networks and to
keep your configurations intact www.globesoft.com
Bill

-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed, that's about your
only option if you don't know the administrator login for the computer.
Have the IT staff help you re-join it to the domain, then let them know you
need to use it outside the network and have them help you correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.

.

 

[Guest]

I know the administrator password of the computer and the
I can connect to the computers original network via a VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass through
the firewall inorder to be able to rejoin the group? Or is
there something on the server which has to be done to let
the computer rejoin the domain?

-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed, that's about your
only option if you don't know the administrator login for the computer.
Have the IT staff help you re-join it to the domain, then let them know you
need to use it outside the network and have them help you correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.

.

 

[Dave]

I don't know about AD stuff, but in older domain setups you had to delete
the computer account on the domain before you could join it back in.

I know the administrator password of the computer and the
I can connect to the computers original network via a VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass through
the firewall inorder to be able to rejoin the group? Or is
there something on the server which has to be done to let
the computer rejoin the domain?

-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed, that's about your
only option if you don't know the administrator login for the computer.
Have the IT staff help you re-join it to the domain, then let them know you
need to use it outside the network and have them help you correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.

.

 

[Guest]

If thats true does the user lose everything is his profile
or is there a proceedure to restore the profile after the
user is joined back into the domain?

-----Original Message-----
I don't know about AD stuff, but in older domain setups you had to delete
the computer account on the domain before you could join it back in.

I know the administrator password of the computer and the
I can connect to the computers original network via a VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass through
the firewall inorder to be able to rejoin the group? Or is
there something on the server which has to be done to let
the computer rejoin the domain?

-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed, that's about your
only option if you don't know the administrator login

for
the computer.

Have the IT staff help you re-join it to the domain,

then
let them know you

need to use it outside the network and have them help

you
correctly

configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts- l.org/goodpost.htm



We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.


.

.

 

[Dave]

no, the profile remains intact because that is part of the domain, you just
can't access it now because the machine can't authenticate it with the
domain and can't used the cached credentials because it doesn't trust the
domain any more. actually if you can get logged in to the vpn you may be
able to login the user accounts without rejoining the domain by giving a
user name like domain\username, that should force it to try to find a dc to
login that user even though its not part of the domain. it used to be that
the problem was how the machines logged into the domain (again, this may
have changed on AD). When a machine first joined a domain the machine and
domain controller did some magic and came up with a password that the
machine used each time it rejoined. somehow these rotated also i think.
but if you removed the machine from the domain it would dump its saved
password. it couldn't rejoin because now the domain controller thought it
was already there and wouldn't give it a new password so the only way to get
it back in sync was to also tell the domain controller it was gone then add
it back. but since the user accounts are really domain accounts once the
domain is accessible again they will be available to log back in just like
before.

If thats true does the user lose everything is his profile
or is there a proceedure to restore the profile after the
user is joined back into the domain?

-----Original Message-----
I don't know about AD stuff, but in older domain setups you had to delete
the computer account on the domain before you could join it back in.

I know the administrator password of the computer and the
I can connect to the computers original network via a VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass through
the firewall inorder to be able to rejoin the group? Or is
there something on the server which has to be done to let
the computer rejoin the domain?


-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed,
that's about your
only option if you don't know the administrator login for
the computer.
Have the IT staff help you re-join it to the domain, then
let them know you
need to use it outside the network and have them help you
correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not
replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts- l.org/goodpost.htm



We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.


.

.

 

[Dave]

or is that username/domain.... never could keep those slashes sorted out.

no, the profile remains intact because that is part of the domain, you just
can't access it now because the machine can't authenticate it with the
domain and can't used the cached credentials because it doesn't trust the
domain any more. actually if you can get logged in to the vpn you may be
able to login the user accounts without rejoining the domain by giving a
user name like domain\username, that should force it to try to find a dc to
login that user even though its not part of the domain. it used to be that
the problem was how the machines logged into the domain (again, this may
have changed on AD). When a machine first joined a domain the machine and
domain controller did some magic and came up with a password that the
machine used each time it rejoined. somehow these rotated also i think.
but if you removed the machine from the domain it would dump its saved
password. it couldn't rejoin because now the domain controller thought it
was already there and wouldn't give it a new password so the only way to get
it back in sync was to also tell the domain controller it was gone then add
it back. but since the user accounts are really domain accounts once the
domain is accessible again they will be available to log back in just like
before.

If thats true does the user lose everything is his profile
or is there a proceedure to restore the profile after the
user is joined back into the domain?

-----Original Message-----
I don't know about AD stuff, but in older domain setups you had to delete
the computer account on the domain before you could join it back in.

I know the administrator password of the computer and the
I can connect to the computers original network via a VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass through
the firewall inorder to be able to rejoin the group? Or is
there something on the server which has to be done to let
the computer rejoin the domain?


-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed,
that's about your
only option if you don't know the administrator login for
the computer.
Have the IT staff help you re-join it to the domain, then
let them know you
need to use it outside the network and have them help you
correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not
replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts- l.org/goodpost.htm



We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.


.



.

 

[david lazarus]

Based on a quick read I noticed that anonymous was trying to join the domain
with the Local Admin account. In order to get a computer to join a domain
you need "Domain Admin" priviledges. Normally your system administrator
would have these. So to answer the question you need to get an account that
has these priviledges and type in "domain\username" then the password. If
you dont have priviledges you cant join. Also dont worry about deleting the
computer account from AD as if the computer has not been rebuilt etc. then
it will still have the same SID and thus AD will recognise the computer and
allow it to use the same AD computer account.

You can access the VPN because your user account has priviledges to do so.
It has no bearing on your computer, which is why you can connect from any
machine.

 

[Dave]

i have heard that domain users can join up to 10 computers to a domain also.
haven't tried this myself though. i would think those would only be
computers who had never been on the domain, trying to rejoin one may not
work this way as the computer name is already recognized.

 

[Guest]

How does one remove the computer from the domain?

Thanks

-----Original Message-----
or is that username/domain.... never could keep those slashes sorted out.

no, the profile remains intact because that is part of

the domain, you
just

can't access it now because the machine can't authenticate it with the
domain and can't used the cached credentials because it doesn't trust the
domain any more. actually if you can get logged in to the vpn you may be
able to login the user accounts without rejoining the domain by giving a
user name like domain\username, that should force it to

try to find a dc
to

login that user even though its not part of the

domain. it used to be
that

the problem was how the machines logged into the domain (again, this may
have changed on AD). When a machine first joined a domain the machine and
domain controller did some magic and came up with a password that the
machine used each time it rejoined. somehow these rotated also i think.
but if you removed the machine from the domain it would dump its saved
password. it couldn't rejoin because now the domain controller thought it
was already there and wouldn't give it a new password

so the only way to
get

it back in sync was to also tell the domain controller

it was gone then
add

it back. but since the user accounts are really domain accounts once the
domain is accessible again they will be available to log back in just like
before.

If thats true does the user lose everything is his profile
or is there a proceedure to restore the profile after the
user is joined back into the domain?


-----Original Message-----
I don't know about AD stuff, but in older domain setups
you had to delete
the computer account on the domain before you could join
it back in.

I know the administrator password of the computer and
the
I can connect to the computers original network via a
VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass
through
the firewall inorder to be able to rejoin the group? Or
is
there something on the server which has to be done to
let
the computer rejoin the domain?


-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed,
that's about your
only option if you don't know the administrator login
for
the computer.
Have the IT staff help you re-join it to the domain,
then
let them know you
need to use it outside the network and have them help
you
correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the
newsgroups
* for the benefit of all. Private mail is usually not
replied to.
* My website, such as it is ...
http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-
l.org/goodpost.htm



We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.


.



.

.

 

[Dave]

by setting it to be in a workgroup instead... but you really don't want to
do this.

How does one remove the computer from the domain?

Thanks

-----Original Message-----
or is that username/domain.... never could keep those slashes sorted out.

no, the profile remains intact because that is part of

the domain, you
just

can't access it now because the machine can't authenticate it with the
domain and can't used the cached credentials because it doesn't trust the
domain any more. actually if you can get logged in to the vpn you may be
able to login the user accounts without rejoining the domain by giving a
user name like domain\username, that should force it to

try to find a dc
to

login that user even though its not part of the

domain. it used to be
that

the problem was how the machines logged into the domain (again, this may
have changed on AD). When a machine first joined a domain the machine and
domain controller did some magic and came up with a password that the
machine used each time it rejoined. somehow these rotated also i think.
but if you removed the machine from the domain it would dump its saved
password. it couldn't rejoin because now the domain controller thought it
was already there and wouldn't give it a new password

so the only way to
get

it back in sync was to also tell the domain controller

it was gone then
add

it back. but since the user accounts are really domain accounts once the
domain is accessible again they will be available to log back in just like
before.

If thats true does the user lose everything is his profile
or is there a proceedure to restore the profile after the
user is joined back into the domain?


-----Original Message-----
I don't know about AD stuff, but in older domain setups
you had to delete
the computer account on the domain before you could join
it back in.

I know the administrator password of the computer and
the
I can connect to the computers original network via a
VPN
connection but it still doesn't let me rejoin the group.
Is there something which has to be allowed to pass
through
the firewall inorder to be able to rejoin the group? Or
is
there something on the server which has to be done to
let
the computer rejoin the domain?


-----Original Message-----
With perhaps a little less sarcasm than Dave dispensed,
that's about your
only option if you don't know the administrator login
for
the computer.
Have the IT staff help you re-join it to the domain,
then
let them know you
need to use it outside the network and have them help
you
correctly
configure it to do so.

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the
newsgroups
* for the benefit of all. Private mail is usually not
replied to.
* My website, such as it is ...
http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-
l.org/goodpost.htm



We change a computer from another office to use a
local workgroup instead of the his normal domain.
We now can't rejoin this computer to his original
domain. It always give the message the the domain
doesnt' exist or can't be reached. Is there some
proceedure for rejoining a domain.


.



.

.