Solved

Disjoin a computer from the domain

Posted on 2009-07-09
23
702 Views
Last Modified: 2012-06-21
The script belowe joins a computer to the domain if a computer is in a workgroup.
how for instance, If a computer  is in DOMAIN1 and I want to disjoin it and rejoin it to DOMAIN2, the script below doesn't do it.
I would like to have a script that disjoins the computer from the Domain1.

Thanks



=======================
script.sleep 60
Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
 
strDomain = "mydomain.com"
strPassword = "domainpassword"
strUser = "Administrator"
 
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
wscript.echo strcomputer
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
    strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
        strComputer & "'")
 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE)
Dim oShell
 
Set oShell = CreateObject("Wscript.Shell")
sReturn = oShell.Run("%comspec% /c shutdown -r -t 0 -f")
===============
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 11
23 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 24813039
This will unjoin the computer from the domain.  See this link:
http://www.vbsedit.com/scripts/ad/computer/scr_18.asp 
 
0
 

Author Comment

by:jskfan
ID: 24813105
I have the same script that I ran and didn't do anything.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813191
Have you played with the DOMAIN_JOIN_IF_JOINED option during the join?
e.g.
 

ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE + DOMAIN_JOIN_IF_JOINED)

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jskfan
ID: 24813241
NO....
is this the whole script? if not can you paste the whole script?
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE + DOMAIN_JOIN_IF_JOINED)

0
 
LVL 26

Expert Comment

by:Pber
ID: 24813285
Sorry that was a chunk of your original code, I just added the DOMAIN_JOIN_IF_JOINED.
Here's the complete script modified

=======================
script.sleep 60
Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
 
strDomain = "mydomain.com"
strPassword = "domainpassword"
strUser = "Administrator"
 
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
wscript.echo strcomputer 
Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & _
    strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & _
        strComputer & "'")
 
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, _
    strPassword, strDomain & "\" & strUser, NULL, _
        JOIN_DOMAIN + ACCT_CREATE + DOMAIN_JOIN_IF_JOINED)
Dim oShell
 
Set oShell = CreateObject("Wscript.Shell")
sReturn = oShell.Run("%comspec% /c shutdown -r -t 0 -f")
===============

Open in new window

0
 

Author Comment

by:jskfan
ID: 24813467
i tried it and it doesn't disjoin it.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813588
See this article: http://www.experts-exchange.com/Programming/Languages/Scripting/Q_22940881.html
You may need to disjoin in a separate step.
You could also try netdom.  That usually works the best:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Q_22566073.html 
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813615

I must apologize.
Normally I would test some of these scripts myself before posting to work bugs out if needed, but my lab is down and can't do much testing at the moment.
Sorry
0
 

Author Comment

by:jskfan
ID: 24813820
with Netdom, I will have to install it in every computer.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24813865
You could place it on a file share and just grant the required rights to access it.
0
 

Author Comment

by:jskfan
ID: 24814033
Just for test purposes I installed MS Support tools on a computer and ran the following command and it disjoined the computer from the domain to workgroup.
netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

Instead of installing MS Support tools in every computer I ran the Netdom command from a computer that has MS support tools and pstools, I used psexec, but I noticed that in the target computer the command shows runnning in the task manager/processes but it stays there running without doing anything else until I kill the process.
0
 
LVL 26

Expert Comment

by:Pber
ID: 24814098
you don't need to install the support tools.   Netdom can be run from a share.  PSEXEC rocks.
Try running a command window from PSEXEC then running the netdom command from the remote command prompt.
 
0
 

Author Comment

by:jskfan
ID: 24814126
here is the command:
netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

can you write down here, the whole command  to be used with PSEXEC?

0
 
LVL 26

Expert Comment

by:Pber
ID: 24814157
Remote Command window:
psexec \\remotemachinename cmd
 
or probably what you did:
psexec \\remotemachinename netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password
The remote command window option is good because you can see the outcome of the scripts much better than just an exit code.
0
 

Author Comment

by:jskfan
ID: 24814524
I have even put the whole Netdom command in a file.cmd then copied the file to the target computer c:\drive.
Then I ran psexec \\remotecomputer file.cmd, but did not work.

I also run psexec \\remotecomputer  the whole netdom comand and didn't work.

can you just write the psexec command here then I will try it???
0
 

Author Comment

by:jskfan
ID: 24814614
if I am not wrong, the psexec can just run what's one the target computer.
in my case if the support tools(Netdom) is not located in the target computer, I don't think it will work.
This is why I am looking for a VBscript or batch file that doesn't rely on the tools to be installed in the remote computer.
0
 

Author Comment

by:jskfan
ID: 24815461
it looks like I found half of the solution.

I shared the MS-Support tools folder on the network.
I copied  a .cmd file to the target computer and the content of .cmd file is:

\\computerwithSupporttools netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

If I run this command from the target computer when logged in to the console, it works fine and disjoins the computer from the domain, but if I use PSEXEC it doesn't work.

0
 
LVL 26

Accepted Solution

by:
Pber earned 500 total points
ID: 24815649

psexec \\remotemachinename -c netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password
0
 
LVL 26

Expert Comment

by:Pber
ID: 24815661
0
 

Author Comment

by:jskfan
ID: 24815850
WOW this work just fine...
psexec \\remotemachinename -c netdom remove /d:mydomain mywksta /ud:mydomain\admin /pd:password

can you add a command to it to reboot the computer.
I am afraid I add another line like the ine below and what if it reboots the computer I am running the script from instead of the target computer.
Shutdown -r

0
 

Author Comment

by:jskfan
ID: 24816032
OK I just added the following line and it worked
psexec \\remotecomputer shutdown -r
0
 

Author Closing Comment

by:jskfan
ID: 31601529
Thanks for your help and perseverance!!!!!!!!!!!!!
0
 
LVL 26

Expert Comment

by:Pber
ID: 24816211
You could also use shutdown to reboot the remote machine without using psexec:
 shutdown -m \\remotecomputer -r -f
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question