Solved

How to add a PC back to a domain Remotley sbs2011

Posted on 2014-03-08
5
363 Views
Last Modified: 2014-03-11
Hi I made a mistake & instead of remotely connecting to a local PC on the domain
Through the SBS2011 server console, I removed the PC from the domain
Unfortunately the local PC doesn’t have a local password, so I can’t RDC to it
& if I try the user or server AD login, I get a trust error.
Question is how I can put the PC back on to the AD Remotely
It’s an easy Fix on-site or with assistance from there
But would prefer if possible to fix remotely
I’ve tried PStools to add a user password (error access denied)
Windows 7 Pro
0
Comment
Question by:Logical_Step
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 35

Accepted Solution

by:
Kimputer earned 167 total points
ID: 39914398
Valid local admin credentials are key in administrating that computer. Since you lost it, there's no other way then to get local admin again. Probably you have to guide someone into burning a TRK (Trinity Rescue Kit) boot CD, and get the local admin going again (interactive winpass). After that, get that someone to log in as local admin, and start a remote session (ammyy or teamviewer, preferable installed as a service, so you can get back in after a reboot). Set up VPN again, and add to your domain.
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 167 total points
ID: 39914484
I agree on the fact that this cannot be done without a local account (it would not need to be an administrative account, though). When disjoining from a domain, there must be a local account active, otherwise the computer cannot be disjoined. So there will be a solution if you can logon as some local user.

The guy in fornt of the machine can join the machine providing his own domain credentials in a local account session if you delete the computer account in AD first, without, only domain admins may join, so delete it or, if that poses any problems, give the guy in front of it write permissions on the old object.
0
 
LVL 27

Assisted Solution

by:masnrock
masnrock earned 166 total points
ID: 39915245
If depends on the tools that you're using. RDP is not an option because of a lack of authentication. However, if you're utilizing something like Labtech or VNC, then it would be doable. Or even if you can get someone to get on the computer so you can have them start a remote support session using something like join.me
0
 
LVL 1

Author Comment

by:Logical_Step
ID: 39915542
Thanks Guys
Looks like I need to be there early tomorrow morning
before anyone starts , its an easy fix on-site , just wanted to see if I could do it remotely
I could wait till the new girl showed up , but because I said it was all done & ready That's my issue

Means not jumping on a sever late at night after a few  ,, to avoid issues
0
 
LVL 1

Author Closing Comment

by:Logical_Step
ID: 39921879
Thanks all was just confirming if it could be done
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question