Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Disjoin a computer from the domain

Posted on 2009-07-09
23
698 Views
Last Modified: 2012-06-21
The script belowe joins a computer to the domain if a computer is in a workgroup.
how for instance, If a computer  is in DOMAIN1 and I want to disjoin it and rejoin it to DOMAIN2, the script below doesn't do it.
I would like to have a script that disjoins the computer from the Domain1.

Thanks



=======================
script.sleep 60
Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
 
strDomain = "mydomain.com"
strPassword = "domainpassword"
strUser = "Administrator"
 
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
wscript.echo strcomputer
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
    strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
        strComputer & "'")
 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE)
Dim oShell
 
Set oShell = CreateObject("Wscript.Shell")
sReturn = oShell.Run("%comspec% /c shutdown -r -t 0 -f")
===============
0
Comment
Question by:jskfan
  • 12
  • 11
23 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 24813039
This will unjoin the computer from the domain.  See this link:
http://www.vbsedit.com/scripts/ad/computer/scr_18.asp 
 
0
 

Author Comment

by:jskfan
ID: 24813105
I have the same script that I ran and didn't do anything.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813191
Have you played with the DOMAIN_JOIN_IF_JOINED option during the join?
e.g.
 

ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE + DOMAIN_JOIN_IF_JOINED)

Open in new window

0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 

Author Comment

by:jskfan
ID: 24813241
NO....
is this the whole script? if not can you paste the whole script?
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE + DOMAIN_JOIN_IF_JOINED)

0
 
LVL 26

Expert Comment

by:Pber
ID: 24813285
Sorry that was a chunk of your original code, I just added the DOMAIN_JOIN_IF_JOINED.
Here's the complete script modified

=======================
script.sleep 60
Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
 
strDomain = "mydomain.com"
strPassword = "domainpassword"
strUser = "Administrator"
 
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
wscript.echo strcomputer 
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
    strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
        strComputer & "'")
 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE + DOMAIN_JOIN_IF_JOINED)
Dim oShell
 
Set oShell = CreateObject("Wscript.Shell")
sReturn = oShell.Run("%comspec% /c shutdown -r -t 0 -f")
===============

Open in new window

0
 

Author Comment

by:jskfan
ID: 24813467
i tried it and it doesn't disjoin it.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813588
See this article: http://www.experts-exchange.com/Programming/Languages/Scripting/Q_22940881.html
You may need to disjoin in a separate step.
You could also try netdom.  That usually works the best:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Q_22566073.html 
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813615

I must apologize.
Normally I would test some of these scripts myself before posting to work bugs out if needed, but my lab is down and can't do much testing at the moment.
Sorry
0
 

Author Comment

by:jskfan
ID: 24813820
with Netdom, I will have to install it in every computer.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813865
You could place it on a file share and just grant the required rights to access it.
0
 

Author Comment

by:jskfan
ID: 24814033
Just for test purposes I installed MS Support tools on a computer and ran the following command and it disjoined the computer from the domain to workgroup.
netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

Instead of installing MS Support tools in every computer I ran the Netdom command from a computer that has MS support tools and pstools, I used psexec, but I noticed that in the target computer the command shows runnning in the task manager/processes but it stays there running without doing anything else until I kill the process.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24814098
you don't need to install the support tools.   Netdom can be run from a share.  PSEXEC rocks.
Try running a command window from PSEXEC then running the netdom command from the remote command prompt.
 
0
 

Author Comment

by:jskfan
ID: 24814126
here is the command:
netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

can you write down here, the whole command  to be used with PSEXEC?

0
 
LVL 26

Expert Comment

by:Pber
ID: 24814157
Remote Command window:
psexec \\remotemachinename cmd
 
or probably what you did:
psexec \\remotemachinename netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password
The remote command window option is good because you can see the outcome of the scripts much better than just an exit code.
0
 

Author Comment

by:jskfan
ID: 24814524
I have even put the whole Netdom command in a file.cmd then copied the file to the target computer c:\drive.
Then I ran psexec \\remotecomputer file.cmd, but did not work.

I also run psexec \\remotecomputer  the whole netdom comand and didn't work.

can you just write the psexec command here then I will try it???
0
 

Author Comment

by:jskfan
ID: 24814614
if I am not wrong, the psexec can just run what's one the target computer.
in my case if the support tools(Netdom) is not located in the target computer, I don't think it will work.
This is why I am looking for a VBscript or batch file that doesn't rely on the tools to be installed in the remote computer.
0
 

Author Comment

by:jskfan
ID: 24815461
it looks like I found half of the solution.

I shared the MS-Support tools folder on the network.
I copied  a .cmd file to the target computer and the content of .cmd file is:

\\computerwithSupporttools netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

If I run this command from the target computer when logged in to the console, it works fine and disjoins the computer from the domain, but if I use PSEXEC it doesn't work.

0
 
LVL 26

Accepted Solution

by:
Pber earned 500 total points
ID: 24815649

psexec \\remotemachinename -c netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password
0
 
LVL 26

Expert Comment

by:Pber
ID: 24815661
0
 

Author Comment

by:jskfan
ID: 24815850
WOW this work just fine...
psexec \\remotemachinename -c netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

can you add a command to it to reboot the computer.
I am afraid I add another line like the ine below and what if it reboots the computer I am running the script from instead of the target computer.
Shutdown -r

0
 

Author Comment

by:jskfan
ID: 24816032
OK I just added the following line and it worked
psexec \\remotecomputer shutdown -r
0
 

Author Closing Comment

by:jskfan
ID: 31601529
Thanks for your help and perseverance!!!!!!!!!!!!!
0
 
LVL 26

Expert Comment

by:Pber
ID: 24816211
You could also use shutdown to reboot the remote machine without using psexec:
 shutdown -m \\remotecomputer -r -f
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The way I use Experts Exchange to assist me in analyzing and diagnosing a problem is I first enter a Verbose Question at Experts Exchange like: Office 2007 will hang when opening and saving files I then launch WordPad (any text editor will do) an…
I hope you'll find this tutorial useful and interesting. So let's try to extend Tcl with a new package.  For anyone more deeply interested please check out the book "Practical Programming in Tcl and Tk". It's really one of the best written books abo…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question