Rejoin computer to Active Directory remotely.

Hello,

We have some remote workstations whose names have been removed from Active Directory. Besides using RDP to connect to the computer and rejoin it to the domain, is there another way to do this remotely?

Our domain controller servers are running on Windows 2008.

Thanks.
nav2567 Asked:

Alan (Consultant) Commented:
Hi Nav2567,

I would have suggested RDP.

I am guessing that this isn't working for you for some reason?  Can we perhaps help address that instead?

Alan.
nav2567 (Author) Commented:
The reason we do not want to use RDP for these remote computers is that we do not want to give the user the local admin password to log in to the computer.
Scott C (Senior Engineer) Commented:
We do it with VPN.

Alan (Consultant) Commented:
Hi Nav2567,

To join a machine to the domain, I'm pretty sure you will have to give them local admin access on the machine no matter what - or am I wrong on that?

Thanks,

Alan.
nav2567 (Author) Commented:
Again, we try not to RDP to the computer to do it, as we would need to give the user the local admin credential to log in.
Scott C (Senior Engineer) Commented:
What about something like TeamViewer to take control of the machine, then YOU enter the proper credentials?
Alan (Consultant) Commented:
Hi Nav2567,

Assuming there is an option other than RDP, will you give the user some local machine credentials to access the machine remotely that do not give them local admin rights?

If so, how will that user then join the machine to the domain?  Won't they need local admin rights for that no matter whether RDP or any other option?


Alan.
Hello There (System Administrator) Commented:
We use VNC for this reason. Just install VNC Viewer on your computer, tell them to install VNC Client, connect to these computers remotely and join them to the domain yourself. Nobody will know your admin password. You just have to have access to the network where they are.
Alan (Consultant) Commented:
Hi B A,

But if you can do that, why not just skip installing the third-party VNC software, connect to the machine with RDP as a local admin, and join it to the domain?

What am I missing?

Thanks,

Alan.
Shaun Vermaak (Technical Specialist) Commented:
You can rejoin remotely with PowerShell, VBS, etc.

This is an old VBS I wrote:

Option Explicit

' Runtime errors are suppressed; results are checked explicitly below
On Error Resume Next

' FJoinOptions flags for Win32_ComputerSystem.JoinDomainOrWorkgroup
Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144

Dim objWMISvc
Dim colItems
Dim objItem
Dim strDomain
Dim strUser
Dim strPassword
Dim objNetwork
Dim strComputer
Dim objComputer
Dim objWMIService
Dim colOperatingSystems
Dim objOperatingSystem
Dim ReturnValue

' Quit without doing anything if this computer already reports domain membership
Set objWMISvc = GetObject( "winmgmts:\\.\root\cimv2" )
Set colItems = objWMISvc.ExecQuery( "Select * from Win32_ComputerSystem", , 48 )
For Each objItem in colItems
    If objItem.PartOfDomain = True Then
        WScript.Quit
    End If
Next

' Placeholders: the domain and an account allowed to join computers to it.
' The password is stored in this file in clear text.
strDomain = "DOMAIN.com"
strUser = "USERNAME"
strPassword = "Password1"

' Name of the local computer
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
Set objNetwork = Nothing

Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\\" & strComputer & "\root\cimv2:Win32_ComputerSystem.Name='" & strComputer & "'")

' Preset a non-zero value: if the call below raises an error, ReturnValue would
' otherwise stay Empty, and Empty = 0 evaluates to True in VBScript
ReturnValue = -1

' Arguments: Name, Password, UserName, AccountOU, FJoinOptions
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, strPassword, strDomain & "\" & strUser, Null, JOIN_DOMAIN + ACCT_CREATE)

' Reboot only when the join returned success (0)
If ReturnValue = 0 Then
    Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate,(Shutdown)}!\\.\root\cimv2")
    Set colOperatingSystems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
    For Each objOperatingSystem in colOperatingSystems
        objOperatingSystem.Reboot()
    Next
End If

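Added example, not part of the thread and not any participant's code: a Windows PowerShell (3.0 or later) script that calls the same WMI method as the VBScript above, but from an administrator's workstation, so the end user never receives the local admin password and no password is stored in a file. The parameter names are hypothetical, and using DOMAIN_JOIN_IF_JOINED for a workstation that still considers itself joined is an assumption based on that flag's documented meaning.

```powershell
# Added example (not from the thread). Run from an admin workstation that can
# reach the target over WMI/DCOM. Parameter names are hypothetical.
[CmdletBinding()]
param(
    [Parameter(Mandatory)] [string] $ComputerName,  # e.g. 'WS-REMOTE-01' (constructed name)
    [Parameter(Mandatory)] [string] $DomainName,    # e.g. 'DOMAIN.com', as in the VBScript
    [switch] $AllowIfJoined                         # assumption: adds DOMAIN_JOIN_IF_JOINED
)

# FJoinOptions bits, same values as the constants in the VBScript above
$JOIN_DOMAIN           = 1
$ACCT_CREATE           = 2
$DOMAIN_JOIN_IF_JOINED = 32

# Prompt at run time: nothing is stored in the script or handed to the end user
$localAdmin = Get-Credential -Message "Local administrator on $ComputerName"
$domainJoin = Get-Credential -Message "Account allowed to join computers to $DomainName"

$options = $JOIN_DOMAIN -bor $ACCT_CREATE
if ($AllowIfJoined) { $options = $options -bor $DOMAIN_JOIN_IF_JOINED }

# PacketPrivacy encrypts the WMI call, which carries the join password as an argument
$cs = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $ComputerName `
        -Credential $localAdmin -Authentication PacketPrivacy -ErrorAction Stop

Write-Verbose "$($cs.Name): PartOfDomain=$($cs.PartOfDomain), Domain=$($cs.Domain)"

$result = $cs.JoinDomainOrWorkgroup(
    $DomainName,
    $domainJoin.GetNetworkCredential().Password,
    $domainJoin.UserName,   # enter as DOMAIN\user or user@domain at the prompt
    $null,                  # AccountOU: use the default container
    $options)

if ($result.ReturnValue -ne 0) {
    # Do not reboot on failure; ReturnValue is a Win32 error code
    $msg = (New-Object System.ComponentModel.Win32Exception ([int]$result.ReturnValue)).Message
    throw "Join failed on $ComputerName, code $($result.ReturnValue): $msg"
}

# Reboot only after a confirmed successful join
Restart-Computer -ComputerName $ComputerName -Credential $localAdmin -Force
```

Get-WmiObject is available in Windows PowerShell only, and the target's firewall must allow remote WMI for the call to connect.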
Alan (Consultant) Commented:
Hi Nav,

Any update on this?

Thanks,

Alan.
Alan (Consultant) Commented:
Good options provided.