Solved

Remove Client from Domain

Posted on 2000-05-02
9
708 Views
Last Modified: 2013-12-23
I need to remove a number of NT Workstation 4 Machines from an NT Domain in a batch file.  I initially  assumed that Netdom.exe could do this (Netdom.exe /D:%USERDOMAIN% MEMBER %COMPUTERNAME% /DELETE) But it only removes the machine account from the Domain Controller and does not seem to do the necessary changes on the client.  Apart from that it does not allow yout to specify the Workgroup name that it is joining.  Registry changes/Service changes/Utilities required to do this within a STANDARD NT batch file (No WSH available on client).  Anybody who can get an answer to me within the next 24 Hours gets a juicy 1000 points.
0
Comment
Question by:benstock
9 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 2770833
This can be a real pain. I'll have to see if I have any info for you.
0
 
LVL 1

Expert Comment

by:Xces
ID: 2771045
You can modify the registy of the clients, I dont know how will work this but you can try, You can help with an utility that can modify automatically the registry, this is SMS installer and you can download of the microsoft site and the line of the registry is \Local_Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon..make a script an run in each client...download the software and when you have post a comment to help you...if you want you can write to jmsantimi@hotmail.com
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 2771184
The easies way to do this is with sysdiff
You are going to do it manually for one station. doing a snapshot beofre, and a diff afterwards.
All the registry and file changes should show up.
You can then use the resulting Inf file to make batch changes in the registry.

You may have to make some changes to make it into a more standard Inf file or *.reg file.

I hope this helps.

--------------------------------
Server only      Included in the Windows NT Server, but not Workstation, Resource Kit.

Using this utility, you can pre-install applications as part of an automated setup, including applications that do not support scripted installation.

With SYSDIFF, you first create a "snapshot" of Windows NT Workstation after it has been installed on a reference computer. Then, you install the applications you want on the reference computer and create a difference file with information on the these applications. SYSDIFF enables you to view this difference file in a readable format. Finally, you apply the difference file to new installations on other computers, as part of an unattended setup or at any time after initial installation is complete.

If many applications must be installed, the difference file can become unmanageably large, as it contains the files and settings for all these applications. In this case, SYSDIFF enables you to create from the difference file an information (.INF) file containing only Registry and initialization (.INI) file directives. You can then use this information file to install the applications.

To create this separate .INF file, run SYSDIFF using the /inf switch. For documentation, see SYSDIFF.HLP.

A model information file, SYSDIFF.INF, is in the SUPPORT\DEPTOOLS\I386 folder on the Windows NT Workstation 4.0 or Windows NT Server 4.0 CD. SYSDIFF.INF is used to customize SYSDIFF while SYSDIFF is running. Do not use SYSDIFF.INF as a model for the kind of .INF file used to apply only Registry changes and .INI file changes.



Overview of Windows NT Resource Kit Tools version 4.00.03 © Microsoft Corporation 1985 - 1997
0
 
LVL 2

Expert Comment

by:pschwan
ID: 2771662
You may also want to try a simple program called PC Updater from LANovation (http://www.lanovation.com).  This program, in addition to capturing all those registry and file changes required, will dump them into a self-extracting executable.  I've used this many times for various troubleshooting issues and simplification of tasks like the one you're faced with.  I believe the trial version there will have the ability to do what you ask.  If not, I can send you an older version along with the Serial Number (I no longer use it).  The program can display various prompts before and after the installation.  You can build in safeguards to prevent it being run on the wrong OS, and you can set it to prompt for a reboot.  So if you were to, say, throw this into the script for the machines when they log in, it could make the necessary changes, prompt for a reboot, and poof!  they're off the domain.

Hope this helps you out.  Please do post whatever you do as I'm sure I'm not the only one interested in how you'll go about this:)

0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 4

Author Comment

by:benstock
ID: 2772527
I tried Sysdiff myself and it exposed no clues, it seems that it is not simply a registry issue.  I modified the settings in the sysdiff.inf file to include just about every registry key with no joy.  I also try SMS installer with the same results.  For 1000 points I would like a complete answer by 17:00 GMT0. (I'll grade with an A any complete answer that comes in by then)
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 2773103
Only 1000 points ?!
One of the ways that crossed my mind is to remove clients from server manager to get them out of domain A, then programatically join them to domain B with NETDOM.
You can't make them a member of a new workgroup unless you visit each machine.
If you can knock up a domain controller, this will create domain B for you.
What's your overall aim here ?
Do they need to be in workgroups ?

This IS a registry issue, but the information you need is encoded into the SAM portion, which SYSDIFF doesn't scan (as it's locked).

I'll keep looking...

0
 

Expert Comment

by:RyanBlace
ID: 2774276
PERL SCRIPT

PERL has the WIN32 calls to handle everything you need.  Build the script and have it run using either the scheduler (can be started remotely and then schedule for 10 minutes from now) or via logon script.

0
 
LVL 9

Accepted Solution

by:
dlb6597 earned 1000 total points
ID: 2774973
I use netdom all the time from a batch file to remove machines from the domain:

NETDOM MEMBER \\name /JOINWORKGROUP workgroupname
0
 
LVL 4

Author Comment

by:benstock
ID: 2776476
Well it turns out that dlb6597 is right(dlb6597 Strange name, how did that come about).

RTFM (More carefully) I suppose.

TVM for everyone for their input.

Would have replied sooner but the server looked as if it was down (might as well give an A grade anyhow)

Regards

Ben
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now