Active Directory computer falling off domain?

I have an issue with one Sharepoint server that has fallen off the domain twice already.

Management is trying to get me to find out who is maliciously bumping these machines off the domain however, I can't find out because the logs are too full and the computer properties show that it was still a part of the domain.

The only thing I can think of is someone deleted the computer account and recreated. I also seen cases where large scope VLAN changes bumped machines off as well.

What other non malicious issues could cause this? For some reason they think it's malicious but I know machines do this sometimes for no good reason.

? Thanks
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

When you say "fallen off the domain" I assume you go into the computer properties and see that it is NOW a workgroup computer.

If that is the case, only a couple things can cause this:

1) some one did this manually
2) You lost the secure channel between the Sharepoint server and Domain controller
3) You lost the trust between the Sharepoint server and Domain server
4) You have cloned or imaged this Sharepoint server and a second node on the domain has the same SID as the sharepoint server.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
snyderkvAuthor Commented:
AH good point about the imaging of the server. I will ask

Also, it is not in a workgroup. They will all still show in the GUI that it is on the domain only it's really not anymore.

I understand that it would no longer have a secure channel but even if the domain controller reboots all machines will still be on the domain with a secure channel. Funny how it just gets bumped off.

Any other suggestions or technical reasons why this could happen?

Ill let you know what I come up with regarding the image.

Darius GhassemCommented:
You need to reset the secure channel for the workstation. The steps are below in this post. If you just remove the client from the domain and re-add it this won't always fix the issue. Actually I have had it fix the issue once or twice just removing and adding it back to the domain it always seems to lose the secure channel password again.
No other suggestions, and I think Dariusq gave some good advice on resetting the secure channel. I have seen this off and on. There really is no appaerent reason for it.

Prior to resetting the secure channel, see if this is an imaged or cloned machine. Resetting the secure channel on a cloned/imaged machine is senseless. It will just be problematic in the future. For a cloned or imaged machine, Unjoin the domain, delete the SID in AD, sun sysprep for a new SID, and then rejoin it to the domain.

I also don't think this was done manually. I have seen this too often for it to be an intentional game you are playing with someone. If they had admin rights to unjoin it from the domain, I could think of far more things that could be done that would prove more fruitful to them.

snyderkvAuthor Commented:
Thanks everyones comments have been very helpfull.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.