I'm trying to create a method for easiest recovery:
Windows 10 Pro workstations - domain-joined.
No local Users except Administrator and it is normally disabled.
LAPS is in use and the local Administrator password is available from LAPS.
Here is one scenario:
Tech decides to take the workstation off the domain and then rejoin.
But, tech forgets to enable the local Administrator account before taking the workstation off the domain.
(There are other scenarios as well but the outcome is the same).
In order to rejoin the domain, need a local Admin account.
Whenever I've encountered this situation, I've been able to deal with it BUT the process was just too "inventive". I'd like to have a solid process.