Active Directory computer falling off domain?

Posted on 2008-11-12
Last Modified: 2012-05-05
I have an issue with one Sharepoint server that has fallen off the domain twice already.

Management is trying to get me to find out who is maliciously bumping these machines off the domain however, I can't find out because the logs are too full and the computer properties show that it was still a part of the domain.

The only thing I can think of is someone deleted the computer account and recreated. I also seen cases where large scope VLAN changes bumped machines off as well.

What other non malicious issues could cause this? For some reason they think it's malicious but I know machines do this sometimes for no good reason.

? Thanks
Question by:snyderkv
    LVL 38

    Accepted Solution

    When you say "fallen off the domain" I assume you go into the computer properties and see that it is NOW a workgroup computer.

    If that is the case, only a couple things can cause this:

    1) some one did this manually
    2) You lost the secure channel between the Sharepoint server and Domain controller
    3) You lost the trust between the Sharepoint server and Domain server
    4) You have cloned or imaged this Sharepoint server and a second node on the domain has the same SID as the sharepoint server.

    Author Comment

    AH good point about the imaging of the server. I will ask

    Also, it is not in a workgroup. They will all still show in the GUI that it is on the domain only it's really not anymore.

    I understand that it would no longer have a secure channel but even if the domain controller reboots all machines will still be on the domain with a secure channel. Funny how it just gets bumped off.

    Any other suggestions or technical reasons why this could happen?

    Ill let you know what I come up with regarding the image.

    LVL 59

    Assisted Solution

    by:Darius Ghassem
    You need to reset the secure channel for the workstation. The steps are below in this post. If you just remove the client from the domain and re-add it this won't always fix the issue. Actually I have had it fix the issue once or twice just removing and adding it back to the domain it always seems to lose the secure channel password again.
    LVL 38

    Expert Comment

    No other suggestions, and I think Dariusq gave some good advice on resetting the secure channel. I have seen this off and on. There really is no appaerent reason for it.

    Prior to resetting the secure channel, see if this is an imaged or cloned machine. Resetting the secure channel on a cloned/imaged machine is senseless. It will just be problematic in the future. For a cloned or imaged machine, Unjoin the domain, delete the SID in AD, sun sysprep for a new SID, and then rejoin it to the domain.

    I also don't think this was done manually. I have seen this too often for it to be an intentional game you are playing with someone. If they had admin rights to unjoin it from the domain, I could think of far more things that could be done that would prove more fruitful to them.


    Author Comment

    Thanks everyones comments have been very helpfull.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
    One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now