• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 885
  • Last Modified:

Active Directory computer falling off domain?

I have an issue with one Sharepoint server that has fallen off the domain twice already.

Management is trying to get me to find out who is maliciously bumping these machines off the domain however, I can't find out because the logs are too full and the computer properties show that it was still a part of the domain.

The only thing I can think of is someone deleted the computer account and recreated. I also seen cases where large scope VLAN changes bumped machines off as well.

What other non malicious issues could cause this? For some reason they think it's malicious but I know machines do this sometimes for no good reason.

? Thanks
  • 2
  • 2
2 Solutions
When you say "fallen off the domain" I assume you go into the computer properties and see that it is NOW a workgroup computer.

If that is the case, only a couple things can cause this:

1) some one did this manually
2) You lost the secure channel between the Sharepoint server and Domain controller
3) You lost the trust between the Sharepoint server and Domain server
4) You have cloned or imaged this Sharepoint server and a second node on the domain has the same SID as the sharepoint server.
snyderkvAuthor Commented:
AH good point about the imaging of the server. I will ask

Also, it is not in a workgroup. They will all still show in the GUI that it is on the domain only it's really not anymore.

I understand that it would no longer have a secure channel but even if the domain controller reboots all machines will still be on the domain with a secure channel. Funny how it just gets bumped off.

Any other suggestions or technical reasons why this could happen?

Ill let you know what I come up with regarding the image.

Darius GhassemCommented:
You need to reset the secure channel for the workstation. The steps are below in this post. If you just remove the client from the domain and re-add it this won't always fix the issue. Actually I have had it fix the issue once or twice just removing and adding it back to the domain it always seems to lose the secure channel password again.

No other suggestions, and I think Dariusq gave some good advice on resetting the secure channel. I have seen this off and on. There really is no appaerent reason for it.

Prior to resetting the secure channel, see if this is an imaged or cloned machine. Resetting the secure channel on a cloned/imaged machine is senseless. It will just be problematic in the future. For a cloned or imaged machine, Unjoin the domain, delete the SID in AD, sun sysprep for a new SID, and then rejoin it to the domain.

I also don't think this was done manually. I have seen this too often for it to be an intentional game you are playing with someone. If they had admin rights to unjoin it from the domain, I could think of far more things that could be done that would prove more fruitful to them.

snyderkvAuthor Commented:
Thanks everyones comments have been very helpfull.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now