• Status: Solved
  • Priority: Medium
  • Security: Public

rejoin all computers to domain

Somehow I managed to delete from AD all of the computers on a 2008 R2 domain.

I added the computers back into the AD manually but the users now get the message that there is no computer account for the computer they are using.

What is the easiest way to re-establish the ability of users to login? Can I somewhere disable the need for a PC to be part of the domain in order for it to be used to login?

Al
Asked:
albevier
1 Solution
 
djcanter Commented:
Do you have Active Directory Recycle Bin enabled?
 
Xaelian Commented:
Use AD Recycle Bin. If it's not enabled, maybe you can go to http://ipofserver/rejoin

Otherwise manually go to each PC and log in as local admin. Change domain to workgroup. Reboot. Log in as local admin. Change workgroup to your domain, enter admin credentials. Reboot, log in with a domain account and everything is in order.
 
Mike Kline Commented:
By default users can add 10 machines to the domain. If you haven't changed that (many places have), you could send instructions and let people know how to join their machines to the domain.

I'm thinking maybe they can access the instructions via mail/OWA (if available).   How did every computer get deleted?


Thanks

Mike
 
ajm_1 Commented:
Do you have any backups of the system state? You can restore the system state and that will put all your user/computer objects back on the server.
 
albevier (Author) Commented:
The site lost power last night so the system state did not get backed up and I've been working full days on the AD so it would take less time to visit each workstation than to re-do all of the changes I've done to AD. (This was a migration from 2003 to 2008 as well as to using RDS as well as actually attempting to lock down not just RDS but the desktops as well, so lots of AD changes and GPOs.)

I have found that the AD Recycle was active so I can restore from there but that requires a learning curve (first try on a single PC did nothing so back to the manuals).

PROBLEM
If I have to visit each workstation, I have found that a local user was not created -- only the local users Administrator and Guest exist and their accounts are disabled. The Win 7 PCs will not allow me to log in to the domain and I have no account available with which to log in to the local PC.

Is there a solution to logging on to each computer if it turns out I must?

Al
 
ajm_1 Commented:
This is the way to crack the admin password if you are able to log in to the computer:
http://www.youtube.com/watch?v=itLpkkAZ6Sg&feature=related

This is the way to crack the local password if you are not able to get into the computer.  You will need to burn this to a CD and then follow the instructions to delete any existing local admin passwords.
http://pcsupport.about.com/od/toolsofthetrade/gr/offlinentpwed.htm


If I understand your problem correctly, you might need to use one of the above.  If not please explain further.
 
albevier (Author) Commented:
I know the password for the administrator to the local machine, but the account is disabled according to the password cracker ophcrack. So despite knowing the password, I cannot login locally. This is true of all the Win7 PCs I've visited so far.

Any thoughts on how to re-enable the account without being able to login?

Al
 
ajm_1 Commented:
net user administrator /active:yes

Restart the PC in Safe Mode or any other mode and run the above command
 
albevier (Author) Commented:
Brilliant! I blush to say that I had no idea such a service existed native to 2008. As an aside, after struggling with the native implementation of restoring an object, I found this wonderful little FREE application. http://www.overall.ca 

Al
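
Added example, not part of the thread or any poster's code: restoring the deleted computer objects from the AD Recycle Bin with the ActiveDirectory module, including the case raised above where an account was re-created by hand under the same name. The function name, the seven-day window and the -ReplaceRecreated switch are assumptions made for this example.

```powershell
# Assumes the ActiveDirectory module (2008 R2 DC or RSAT) and that the
# Recycle Bin was enabled before the computers were deleted.
Import-Module ActiveDirectory

function Restore-DeletedComputer {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Hypothetical window: only objects deleted after this time are considered
        [datetime]$DeletedAfter = (Get-Date).AddDays(-7),
        # Delete a manually re-created account that blocks the restore
        [switch]$ReplaceRecreated
    )

    $deleted = Get-ADObject -IncludeDeletedObjects `
        -Filter 'isDeleted -eq $true -and objectClass -eq "computer"' `
        -Properties 'msDS-LastKnownRDN', lastKnownParent, whenChanged |
        Where-Object { $_.whenChanged -ge $DeletedAfter }

    foreach ($obj in $deleted) {
        $name   = $obj.'msDS-LastKnownRDN'
        $result = 'Restored'

        # An account re-created by hand under the same name makes the restore fail
        $live = Get-ADComputer -Filter "Name -eq '$name'"
        if ($live -and -not $ReplaceRecreated) {
            $result = 'Skipped: name in use by a re-created account'
        }
        elseif ($PSCmdlet.ShouldProcess($name, 'Restore from AD Recycle Bin')) {
            try {
                if ($live) { $live | Remove-ADComputer -Confirm:$false -ErrorAction Stop }
                # The restored object keeps its original SID and machine password,
                # so the workstation's existing secure channel is valid again
                $obj | Restore-ADObject -ErrorAction Stop
            }
            catch { $result = "Failed: $($_.Exception.Message)" }
        }
        else { $result = 'Not changed (WhatIf or declined)' }

        # New-Object keeps this usable on PowerShell 2.0 (the 2008 R2 default)
        New-Object PSObject -Property @{
            Name = $name; Parent = $obj.lastKnownParent
            Deleted = $obj.whenChanged; Result = $result
        }
    }
}

# Preview first; rerun without -WhatIf once the list looks right
Restore-DeletedComputer -WhatIf | Format-Table Name, Parent, Result -AutoSize
```

Machines whose original object is restored do not need to be visited or rejoined; only those reported as skipped or failed do.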
