Rejoining domain


I rebuilt our DC, and now all the servers and PCs are not in the AD. My question is: is there a way for the DC to pick up all servers and PCs without rejoining the new domain?

I used the same name


Hi mcrmg,

Using the same name means nothing - there is a unique identifier besides the name.

You will either need to restore the system state from tape - or, add everything else again manually (including user accounts)

Is it the only DC? If so, then I don't think you can bring all servers and PCs back in AD without joining them.

As the previous posts mention, if it was the only DC on the domain, everything will have to be done manually....or at least you'll have to have a script to run on every single machine.  Every PC/server that depended on that DC for SIDs and account info will also have to have the permissions reapplied for shares to function properly.

If it's not the only DC on your domain, hope to hell that one of your remaining DCs is still a GC, otherwise you have a lot more work to go through.  Rebuilding a domain without a GC is possible, but can take a very long time and may not be a good idea depending on the size of your network and will require backups.  If you have a DC that is also a GC, then you're laughing.....assuming you didn't make your new domain because of your AD users and computers or another similar reason.  If you want to use the original domain, I would recommend rebuilding the server again.  You could just run dcpromo to remove AD from the new domain, and then run dcpromo to reinstall it to the old domain, but who knows what sort of issues this could bring up!

To add to red's comment, also ensure that the sysvol and netlogon folders are restored along with the system state.

This should give you enough information to proceed with whatever you need to do.  Personally, unless it wouldn't take a considerable extra amount of time to redo everything again, I would start from a clean setup if you have the chance, which you've already got on the go!  Users will not be happy that they have to regenerate passwords, but if it reduces the high risk of downtime they'd probably understand.  Where you draw the line is your call.


mcrmg (Author) commented:
I understand that I have to re-create user accounts, that's fine....

The problem is that, after rejoining the domain, it creates a new profile, which is the pain: not only do I have to make sure all the programs work, I also have to move the PST file....thx

In this case you should have stood up a completely new Domain Controller within the domain.  Then move all the roles over to the new DC, dcpromo the old server down (make sure to clean up DNS) and rebuild the new server back up again.  Once the new DC is built with the new OS, dcpromo the server back up and all will be well.  It would save you from having to completely recreate your AD environment.

When joining a server or workstation to a domain, it means to trust the workstation or server. When the domain is gone, it means the trust is gone. The user will not be able to access the share they used to be able to. In order for them to access the share, the domain has to trust them again, by joining them back to the domain.

mcrmg (Author) commented:
So, no way around it since I have a new DC?  thx

Is their profile stored on the DC or the local workstation? If on the workstation, you can copy the profile:

Right-click My Computer and select Properties, select the Advanced tab, click on the User Profiles settings, and copy the profile that you want.

You could do that, but the SIDs are going to be different anyway - encrypted files and OST files are 2 things that aren't going to work right away.

If you can still log into the workstation with cached credentials, that is a different story....

Log in with cached credentials and backup everything you will want in the future - and then, join the domain
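
The point made several times in this thread, that profiles and permissions are bound to SIDs rather than names, can be checked on a workstation before it is rejoined. The following is an added example, not part of the original posts: it assumes PowerShell 2.0 or later is available on the machine and uses a hypothetical function name, `Get-ProfileSidStatus`, to list each local profile with the SID that owns it and whether that SID still resolves to an account.

```powershell
# Added example (not from the thread): map each local profile to the SID that
# owns it and report whether that SID still resolves to an account.
$ProfileListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Get-ProfileSidStatus {
    Get-ChildItem -Path $ProfileListKey | ForEach-Object {
        $key = $_                      # keep the registry key; $_ changes inside catch
        $sidString = $key.PSChildName  # the subkey name is the owner's SID
        try {
            $sid = New-Object System.Security.Principal.SecurityIdentifier -ArgumentList $sidString
        } catch {
            return  # subkey name is not a valid SID (for example a ".bak" copy)
        }

        # Domain (or local machine) portion of the SID; $null for built-in
        # identities such as S-1-5-18 (LocalSystem).
        $domainSid = $sid.AccountDomainSid

        # A SID issued by the old domain cannot be translated by the rebuilt
        # one, even though the domain and user names are identical.
        $account = $null
        try {
            $account = $sid.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            # Unresolvable: orphaned SID, or no domain controller reachable.
        }

        New-Object PSObject -Property @{
            Sid         = $sidString
            DomainSid   = "$domainSid"
            Account     = $account
            Resolves    = [bool]$account
            ProfilePath = (Get-ItemProperty -Path $key.PSPath).ProfileImagePath
        }
    }
}

Get-ProfileSidStatus |
    Select-Object Resolves, Account, DomainSid, ProfilePath, Sid |
    Sort-Object DomainSid, Account |
    Format-Table -AutoSize
```

Profiles whose `Resolves` column is False and whose `DomainSid` differs from that of newly created accounts are the ones to back up while cached credentials still work.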

Windows Server 2003