Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Computer account reset so comp out of domain, but need user profile on that machine

Posted on 2006-07-21
6
Medium Priority
?
647 Views
Last Modified: 2008-02-01
Okay well here is the scenario -- due to some miscommunication a user reset a computer account which disjoined a workstation from the domain (I believe it is XP pro) from a 2000 or 2003 domain. So when she tried to login with this account she go the error "windows can not connect to the domain either because the DC is down (which it wasnt) or otherwise unable or because computer acccount is not found"

Now the user account we want to logon to was named lets say Jake -- we could just rejoin this machine to the domain and then logon as Jake but that would wipe out  Jake's local user profile which we would like to have when we logon
with his domain login.

Now we could just go into the local machine as admin and copy all the user data to an external drive and then just copy it into the new "Jake" after the machine is joined to the domain and the user logs in. However, it would be helpful to have all the settings:

Craylord solved a similar problem but was not sure if his solution applied:

Here is how he put it:

The key is to login to windows with the user first! Windows creates a profile folder at this time and associates it with the user account. Once this folder has been created, you can delete/rename it and rename/add the correct folder in its place. Skip the Advanced user copy button thing, takes waaaay too long. Once you get the hang of it, this process can be done in less than 5 minutes.

Restart and logon as a local administrator or another user with admin rights.
Rename the C:\documents and settings\username folder to username_bak
Delete (or rename) any bad folders that were created in a similar manner.
Add user to the pc's local administrators group. Login to pc with the "correctusername" or domain username. Restart and logon as a local administrator or another user with admin rights. (Restart is necessary because if you logoff, windows will still have some of the users files locked)
delete the newly created profile folder c:\documents and  settings\correctusername folderrename the c:\documents and settings\username_bak to the name of "correctusername" (the
newuserfolder)Logout and login as the new user. Tada done. You may have to reconnect Outlook .pst files.
 
So, gentlemen, would Craylords solution apply or would this procedure have to be modified for this situation?




0
Comment
Question by:appsolute
4 Comments
 
LVL 11

Accepted Solution

by:
Eric earned 672 total points
ID: 17155596
what if you remove the eithernet cable. use cached credentials. .  then use the xp file and settings transfer wizzard?

0
 
LVL 26

Assisted Solution

by:Pber
Pber earned 664 total points
ID: 17155676
So let me try and understand this.  The machine just got disjoined from the domain and the user can't logon.  You are worried if you just rejoin the domain, the users domain profile will get lost.  Is this right?

If so you can safely rejoin the domain and the user will automatically connect back to the original profile as they are assigned to the SID of the domain account and that didn't change.

Profiles usually never get over written, it just creates a new one with a suffix.  i.e. jake, jake.000, jake.domain.com, etc.

If you are worried about it, log on locally and copy the profile from documents and settings to another location before you try the above, but you'll be ok.
0
 

Author Comment

by:appsolute
ID: 17159679
Yes, but its a bit more complicated than that. How you back up -- from
my computer/advanced/user profiles or just from Explore makes a difference? Dont security settings get transferred with the profile?

0
 
LVL 3

Assisted Solution

by:artthegeek
artthegeek earned 664 total points
ID: 17160070
It's frustrating, I know - we've been thourhg this on a large scale in a poor disaster recovery environment -

Correct, the user profile should not get overridden, and yes, permissions can be a pblm - so you'll have to add the new domain user to the permissions & force inheritance.

Best approach other than rebuilding the profile from scratch:
Rename the profile (usernameBACKUP)
Rejoin to the domain,
Log in as the user, log out again,
Log in as Administrator, replace the newly created profile with the backup (rename or delete the new, rename the backup to the username)
Add the user to the ACL of the profile folder and force inheritance.

Test, test, test.

Good luck!
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question