While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.
pc needs to be taken of domain
HI
I have a window7 machine that needs to be taken of my domain and re-added but as I do not have local admin credentials I cannot do it with current user account I have ( very locked down) and cannot do any admin work such as removing it from domain and re-adding it etc..
Issue I have is this;
my windows 7 machine is not in sync with my Domain controller and hence I can only login with one account I have which is normal user account. machine's time settings shows that I am 4 minutes behind. I believe this is where the issue is but as mentioned, I cannot do any changes on the machine. I believe normal user account is cached in the memory and hence I can only with that account,
when I tried to logon with another account I get this error " there is no logon servers available to service the request" this is from windows 7 machine and my DC is 2008 rd.
I believe if I can remove it and re-add it domain it should fix my issue but I cannot do it as PC is out of sync with my AD and user account Im using is locked down to do any admin work.
Can this fixed via registry? I can do regedit?
I have a window7 machine that needs to be taken of my domain and re-added but as I do not have local admin credentials I cannot do it with current user account I have ( very locked down) and cannot do any admin work such as removing it from domain and re-adding it etc..
Issue I have is this;
my windows 7 machine is not in sync with my Domain controller and hence I can only login with one account I have which is normal user account. machine's time settings shows that I am 4 minutes behind. I believe this is where the issue is but as mentioned, I cannot do any changes on the machine. I believe normal user account is cached in the memory and hence I can only with that account,
when I tried to logon with another account I get this error " there is no logon servers available to service the request" this is from windows 7 machine and my DC is 2008 rd.
I believe if I can remove it and re-add it domain it should fix my issue but I cannot do it as PC is out of sync with my AD and user account Im using is locked down to do any admin work.
Can this fixed via registry? I can do regedit?
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
LVL 39
The simple answer is: no you cannot do this via registry modifications. If so what would be the use of having admin account to manage PC's and domain? I would just advise you contact an administrator and remove/add the computer for you. When in doubt, the admin should create a local admin account first for backout purposes, providing that there is no policy active that prevents having/creating such accounts.
Hi,
thanks, We do have a team and local admin accounts but it does not work as it seems it was not enabled during the build. It is disabled. ( I know it is a bad build)
What is my options please considering no local account to login to PC? how can I remedy issue? is there any way of creating another local account with admin privileges or using safe mode etc ?
thanks
thanks, We do have a team and local admin accounts but it does not work as it seems it was not enabled during the build. It is disabled. ( I know it is a bad build)
What is my options please considering no local account to login to PC? how can I remedy issue? is there any way of creating another local account with admin privileges or using safe mode etc ?
thanks
The only thing you can try doing is to check the PC's BIOS settings (provided you have access to the BIOS, and make sure the CMOS time is correct, maybe even replace the CMOS battery. With some luck your PC's time will then be in sync with the server's.
If you have no local admin account and no domain admin account then you only can try to reset the local admin account using a boot CD. Either that or a rebuild.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Kuzum,
Overall if your intentions were to remove it from the domain and readd it you will not be able to do it without domain admin rights. If you wanted to add a local admin account to the machine REMOTELY you would still need domain admin rights.
Overall if your intentions were to remove it from the domain and readd it you will not be able to do it without domain admin rights. If you wanted to add a local admin account to the machine REMOTELY you would still need domain admin rights.
As Gerwin stated if you would just like to get in to the machine get a local admin password reset boot cd, reset or clear any user passwords that you notice, some cds give you the option to or set any of the other users accounts with local admin rights. Some cds also let you enable the Administrator account. If you do that unplug it from the network as it may be picking up a gpo which disables the local Administrator account.
hi
check in active directory if computer account disabled and enable it.
of you can try to find 3rd party software that reset the local account password on the computer.
check in active directory if computer account disabled and enable it.
of you can try to find 3rd party software that reset the local account password on the computer.
There are methods one can use to gain access to the system. However, I don't feel comfortable posting them to this question - I'm not convinced you aren't trying to circumvent your company's security without their knowledge and I won't help you bypass that. I would strongly recommend you speak to your network administrators and/or reload the computer from scratch - pull the hard drive, back it up, and reload.
4 mins time skew should not cause any issues like that, provided you are within 15 mins, it should update from a DC and adjust itself. I suspect a DNS problem here, it seems your machine is not finding a DC.
Have you asked anyone with an account that has admin rights to remotely connect to it.
There are ways to gain administrative rights to this system, but if your account is locked down which account will you use to reconnect.
Netdom executed can rejoin the domain.
Updating the time to be closer during bootup ........
You are not getting a loss of trust message, so it sounds as though this system might have external DNS records and those are being queried when login/resource access is attempted.
Run ipconfig /all from a command prompt, or look at the details for network connection properties. Note if there are non private ip addresses listed there. I.e. Not on the same segment as your system's ip.
There are ways to gain administrative rights to this system, but if your account is locked down which account will you use to reconnect.
Netdom executed can rejoin the domain.
Updating the time to be closer during bootup ........
You are not getting a loss of trust message, so it sounds as though this system might have external DNS records and those are being queried when login/resource access is attempted.
Run ipconfig /all from a command prompt, or look at the details for network connection properties. Note if there are non private ip addresses listed there. I.e. Not on the same segment as your system's ip.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Identity … 440 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.