Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 846
  • Last Modified:

Active Directory computer falling off domain?

I have an issue with one Sharepoint server that has fallen off the domain twice already.

Management is trying to get me to find out who is maliciously bumping these machines off the domain however, I can't find out because the logs are too full and the computer properties show that it was still a part of the domain.

The only thing I can think of is someone deleted the computer account and recreated. I also seen cases where large scope VLAN changes bumped machines off as well.

What other non malicious issues could cause this? For some reason they think it's malicious but I know machines do this sometimes for no good reason.

? Thanks
0
snyderkv
Asked:
snyderkv
  • 2
  • 2
2 Solutions
 
ChiefITCommented:
When you say "fallen off the domain" I assume you go into the computer properties and see that it is NOW a workgroup computer.

If that is the case, only a couple things can cause this:

1) some one did this manually
2) You lost the secure channel between the Sharepoint server and Domain controller
3) You lost the trust between the Sharepoint server and Domain server
4) You have cloned or imaged this Sharepoint server and a second node on the domain has the same SID as the sharepoint server.
0
 
snyderkvAuthor Commented:
AH good point about the imaging of the server. I will ask

Also, it is not in a workgroup. They will all still show in the GUI that it is on the domain only it's really not anymore.

I understand that it would no longer have a secure channel but even if the domain controller reboots all machines will still be on the domain with a secure channel. Funny how it just gets bumped off.

Any other suggestions or technical reasons why this could happen?

Ill let you know what I come up with regarding the image.

Thanks
Kliff
0
 
Darius GhassemCommented:
You need to reset the secure channel for the workstation. The steps are below in this post. If you just remove the client from the domain and re-add it this won't always fix the issue. Actually I have had it fix the issue once or twice just removing and adding it back to the domain it always seems to lose the secure channel password again.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23629068.html
0
 
ChiefITCommented:
No other suggestions, and I think Dariusq gave some good advice on resetting the secure channel. I have seen this off and on. There really is no appaerent reason for it.

Prior to resetting the secure channel, see if this is an imaged or cloned machine. Resetting the secure channel on a cloned/imaged machine is senseless. It will just be problematic in the future. For a cloned or imaged machine, Unjoin the domain, delete the SID in AD, sun sysprep for a new SID, and then rejoin it to the domain.

I also don't think this was done manually. I have seen this too often for it to be an intentional game you are playing with someone. If they had admin rights to unjoin it from the domain, I could think of far more things that could be done that would prove more fruitful to them.

0
 
snyderkvAuthor Commented:
Thanks everyones comments have been very helpfull.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now