asked on
pc needs to be taken of domain
HI
I have a window7 machine that needs to be taken of my domain and re-added but as I do not have local admin credentials I cannot do it with current user account I have ( very locked down) and cannot do any admin work such as removing it from domain and re-adding it etc..
Issue I have is this;
my windows 7 machine is not in sync with my Domain controller and hence I can only login with one account I have which is normal user account. machine's time settings shows that I am 4 minutes behind. I believe this is where the issue is but as mentioned, I cannot do any changes on the machine. I believe normal user account is cached in the memory and hence I can only with that account,
when I tried to logon with another account I get this error " there is no logon servers available to service the request" this is from windows 7 machine and my DC is 2008 rd.
I believe if I can remove it and re-add it domain it should fix my issue but I cannot do it as PC is out of sync with my AD and user account Im using is locked down to do any admin work.
Can this fixed via registry? I can do regedit?
I have a window7 machine that needs to be taken of my domain and re-added but as I do not have local admin credentials I cannot do it with current user account I have ( very locked down) and cannot do any admin work such as removing it from domain and re-adding it etc..
Issue I have is this;
my windows 7 machine is not in sync with my Domain controller and hence I can only login with one account I have which is normal user account. machine's time settings shows that I am 4 minutes behind. I believe this is where the issue is but as mentioned, I cannot do any changes on the machine. I believe normal user account is cached in the memory and hence I can only with that account,
when I tried to logon with another account I get this error " there is no logon servers available to service the request" this is from windows 7 machine and my DC is 2008 rd.
I believe if I can remove it and re-add it domain it should fix my issue but I cannot do it as PC is out of sync with my AD and user account Im using is locked down to do any admin work.
Can this fixed via registry? I can do regedit?
Microsoft Legacy OSWindows 7Active DirectoryWindows Server 2008
Last Comment
arnold
The simple answer is: no you cannot do this via registry modifications. If so what would be the use of having admin account to manage PC's and domain? I would just advise you contact an administrator and remove/add the computer for you. When in doubt, the admin should create a local admin account first for backout purposes, providing that there is no policy active that prevents having/creating such accounts.
ASKER
Hi,
thanks, We do have a team and local admin accounts but it does not work as it seems it was not enabled during the build. It is disabled. ( I know it is a bad build)
What is my options please considering no local account to login to PC? how can I remedy issue? is there any way of creating another local account with admin privileges or using safe mode etc ?
thanks
thanks, We do have a team and local admin accounts but it does not work as it seems it was not enabled during the build. It is disabled. ( I know it is a bad build)
What is my options please considering no local account to login to PC? how can I remedy issue? is there any way of creating another local account with admin privileges or using safe mode etc ?
thanks
The only thing you can try doing is to check the PC's BIOS settings (provided you have access to the BIOS, and make sure the CMOS time is correct, maybe even replace the CMOS battery. With some luck your PC's time will then be in sync with the server's.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Kuzum,
Overall if your intentions were to remove it from the domain and readd it you will not be able to do it without domain admin rights. If you wanted to add a local admin account to the machine REMOTELY you would still need domain admin rights.
Overall if your intentions were to remove it from the domain and readd it you will not be able to do it without domain admin rights. If you wanted to add a local admin account to the machine REMOTELY you would still need domain admin rights.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
hi
check in active directory if computer account disabled and enable it.
of you can try to find 3rd party software that reset the local account password on the computer.
check in active directory if computer account disabled and enable it.
of you can try to find 3rd party software that reset the local account password on the computer.
There are methods one can use to gain access to the system. However, I don't feel comfortable posting them to this question - I'm not convinced you aren't trying to circumvent your company's security without their knowledge and I won't help you bypass that. I would strongly recommend you speak to your network administrators and/or reload the computer from scratch - pull the hard drive, back it up, and reload.
4 mins time skew should not cause any issues like that, provided you are within 15 mins, it should update from a DC and adjust itself. I suspect a DNS problem here, it seems your machine is not finding a DC.
Have you asked anyone with an account that has admin rights to remotely connect to it.
There are ways to gain administrative rights to this system, but if your account is locked down which account will you use to reconnect.
Netdom executed can rejoin the domain.
Updating the time to be closer during bootup ........
You are not getting a loss of trust message, so it sounds as though this system might have external DNS records and those are being queried when login/resource access is attempted.
Run ipconfig /all from a command prompt, or look at the details for network connection properties. Note if there are non private ip addresses listed there. I.e. Not on the same segment as your system's ip.
There are ways to gain administrative rights to this system, but if your account is locked down which account will you use to reconnect.
Netdom executed can rejoin the domain.
Updating the time to be closer during bootup ........
You are not getting a loss of trust message, so it sounds as though this system might have external DNS records and those are being queried when login/resource access is attempted.
Run ipconfig /all from a command prompt, or look at the details for network connection properties. Note if there are non private ip addresses listed there. I.e. Not on the same segment as your system's ip.