Solved

Unable To Re-add Machine to Domain

Posted on 2014-04-29
9
523 Views
Last Modified: 2014-05-20
Hi all.

Lately I have noticed that when we remove a machine from our domain in order to be re-imaged, we cannot re-add it with the same machine name.  We usually end up adding an extra character to the new machine name to make this work.
We typically delete the machine name, re-image the machine and then try to join.

Thanks
0
Comment
Question by:IDMA
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 40030567
How many domain controllers do you have?
Are you experiencing AD replication errors?
When you remove the computer from the domain, is the process of removing the computer correctly deleting the computer account?
What error do you receive when you attempt to add a computer back to the domain with the same name?
0
 

Author Comment

by:IDMA
ID: 40030590
-7 Dcs
-No replication errors so far
-Please enlighten me on to properly remove te computer from the domain.  Most of the time, these are machines that we get back in a non-bootable state.
-Most of the time we do not even get an error.  The joining procedure looks like it worked but then we cannot see the machine in the Computers OU.  And when performing a gpupdate, it fails.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 40030611
Have you renamed or deleted the previous computer accounts from Active Directory manually?
The error may appear in the Security, System, or AD event log on the ADC against which you are authenticating for the join operation.
0
 

Author Comment

by:IDMA
ID: 40030628
Yes.  Deleted manually
0
 
LVL 11

Expert Comment

by:Giladn
ID: 40030922
Hi,

when you deploy this image back, check on active directory--> computers you should be able to reset computer account.
you can right-click the computer object in the Computers or appropriate container and then click Reset Account.
after that there will be no need to re-join the computer to the domain.

Post back,

Gilad
0
 
LVL 8

Assisted Solution

by:Camy
Camy earned 200 total points
ID: 40030948
Resetting the account will leave the computer object there without the secure channel to the original machine, you would still need to re-join the machine to the domain - it would just use the existing computer object (with associated groups and existing location) rather than create a new one.

If rejoining the domain appear to work have your searched AD or just looked in the computers OU?

As WalkaboutTigger says there should be some entries in the event logs of the PC, what does gpupdate fail with when you try it?
0
 
LVL 11

Accepted Solution

by:
Giladn earned 200 total points
ID: 40031692
1. reset computer account.
2. re-join to domain.

please try and post back if working or not.

Gilad
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40032446
If the image you are using is already joined to the domain it won't work.

The image have to be of a single machine out of the domain, the desire name must be out of the AD and all replications finished.

Then take the new PC, rename it and join it to the domain.

If you can't re-create the image:

-Install the image
-Reboot
-Remove LAN connection
-Log in with an administrator account (local or domain)
-Remove the machine from the domain
-Reboot
-Re-install LAN connection
-Join the machine to the domain again (must be connected to the LAN).

Try it and post back
0
 

Author Closing Comment

by:IDMA
ID: 40078061
I have not tested these solutions since we have not run into an new re-image until now.  I would assume that these solutions would work.
Sorry that I cannot have a definite answer.
0

Join & Write a Comment

Suggested Solutions

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now