Remove domain membership manually

[Irwan Hadi]

Our new staff accidentally imaged a workstation that joined to the domain
already, and clone this image to a few other workstations, which then
shipped to our remote location.

Of course the workstations with this image can't join the domain at all. Is
it possible to force removing the domain membership of a workstation
manually, because if I can do that, then I believe can I change the SID of
the machine by using newsid.exe program from SysInternals and rejoin this
workstation back to the domain.

If the workstations were local, I would gladly reimage them, but since some
of these workstations are shipped to remote location, is it possible to do
the above?

Thank You

 

[Pegasus \(MVP\)]

Our new staff accidentally imaged a workstation that joined to the domain
already, and clone this image to a few other workstations, which then
shipped to our remote location.

Of course the workstations with this image can't join the domain at all. Is
it possible to force removing the domain membership of a workstation
manually, because if I can do that, then I believe can I change the SID of
the machine by using newsid.exe program from SysInternals and rejoin this
workstation back to the domain.

If the workstations were local, I would gladly reimage them, but since some
of these workstations are shipped to remote location, is it possible to do
the above?

Thank You

I suspect that your biggest problem is not so much that the image
comes from a machine joined to the domain but that the NetBIOS
names are all the same. AFAIK you must change them manually
in the Control Panel. It's probably a good idea to fully test all
machines prior to shipping them to remote locations.

 

[Stuart]

Our new staff accidentally imaged a workstation that joined to the domain
already, and clone this image to a few other workstations, which then
shipped to our remote location.

Of course the workstations with this image can't join the domain at all. Is
it possible to force removing the domain membership of a workstation
manually, because if I can do that, then I believe can I change the SID of
the machine by using newsid.exe program from SysInternals and rejoin this
workstation back to the domain.

If the workstations were local, I would gladly reimage them, but since some
of these workstations are shipped to remote location, is it possible to do
the above?

Thank You

The new PCs will have the same netbios name as the imaged PCs so you won't
be able to bring them up while the imaged PC is up, once you can bring
them up, try running sysprep on them. If this works it will automatically
remove them from the domain.

I did this a while ago on some citrix servers, I built one server, then a
colleague took an image before I could sysprep the machine. Then blasted
the image out to other servers...I tried running sysprep in safe mode, but
it wouldn't let me complaining about not being able to sysprep while a
domain member.

I rebooted into normal mode, then...and heres where my memory fails me...
I think I syspreped them successfully, this removed the domain membership
without removing the computer account from AD.

If you can't sysprep the machine as it still moans about being in hte
domain, remove it from the domain in the usual manner then sysprep the
machine.

And in future you always need to sysprep machines before you image them.

Stu