Server 2k8 Domain, Force all computer to workgroup
-
Looking a site with about 40 or so computers that need to be forced off of the existing domain.
So save myself time, I would like to be able to do this from the server rather that hitting each computer. I know one way is to just delete all of the stations from ADUC - but that doesn't really help on the workstation side.
I've seen some references to this command:
netdom remove computername /Domain:domain /UserD:user /PasswordD:* /Force
Is there a more practical way? or is this the best way?
-
Make sure you have working local accounts on each one before doing that!
-
@scottalanmiller said in Server 2k8 Domain, Force all computer to workgroup:
Make sure you have working local accounts on each one before doing that!
yes,.. a local account is a must - otherwise you risk really borking things.
-
you're also going to lose access to the domain profiles as well - so you might need to use userstate migration to bring them back to the new local account.
-
Ditching AD, eh?
Can you tell us about the environment?
-
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Well, for starters, no AD.
-
@scottalanmiller said in Server 2k8 Domain, Force all computer to workgroup:
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Well, for starters, no AD.
Ohh, nice one, knee slapper there
-
I try to keep everyone on their toes.
-
@scottalanmiller said in Server 2k8 Domain, Force all computer to workgroup:
I try to keep everyone on their toes.
I keep stubbing mine.
-
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Server 2008 with AD
File/Print Shares
NAS for 1st level back up.
about 40 desktops connected to the domain.They are 'cutting up' the business into different departments, and first step is to kick all the systems off the current domain so they can move forward with part two of the plan...
-
@gjacobse said in Server 2k8 Domain, Force all computer to workgroup:
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Server 2008 with AD
File/Print Shares
NAS for 1st level back up.
about 40 desktops connected to the domain.They are 'cutting up' the business into different departments, and first step is to kick all the systems off the current domain so they can move forward with part two of the plan...
which is?
-
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
@gjacobse said in Server 2k8 Domain, Force all computer to workgroup:
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Server 2008 with AD
File/Print Shares
NAS for 1st level back up.
about 40 desktops connected to the domain.They are 'cutting up' the business into different departments, and first step is to kick all the systems off the current domain so they can move forward with part two of the plan...
which is?
Still in planning at this point. They don't even know I don't think,.. some miention was made is parting it out.
For right now, they was to abandon AD, and work stand alone.
-
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
@gjacobse said in Server 2k8 Domain, Force all computer to workgroup:
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Server 2008 with AD
File/Print Shares
NAS for 1st level back up.
about 40 desktops connected to the domain.They are 'cutting up' the business into different departments, and first step is to kick all the systems off the current domain so they can move forward with part two of the plan...
which is?
Connecting 2 separate offices (literally across the country from each other). No Servers just NAS at each site and VPN connection between the 2. Everything else is moving to the cloud.
-
@minion-queen said in Server 2k8 Domain, Force all computer to workgroup:
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
@gjacobse said in Server 2k8 Domain, Force all computer to workgroup:
@dashrender said in Server 2k8 Domain, Force all computer to workgroup:
Ditching AD, eh?
Can you tell us about the environment?
Server 2008 with AD
File/Print Shares
NAS for 1st level back up.
about 40 desktops connected to the domain.They are 'cutting up' the business into different departments, and first step is to kick all the systems off the current domain so they can move forward with part two of the plan...
which is?
Connecting 2 separate offices (literally across the country from each other). No Servers just NAS at each site and VPN connection between the 2. Everything else is moving to the cloud.
And moving to salt to manage the PCs? or are you giving up on that entirely?
How will the NASs be mapped to the PCs? I assume a username/password list will be created on the NASs and then give to the users so they can map network drives? -
We were actually hired by another MSP to do this for them. So.... no idea what their full plans are. Not my Monkeys not my Circus.
-
@minion-queen said in Server 2k8 Domain, Force all computer to workgroup:
We were actually hired by another MSP to do this for them. So.... no idea what their full plans are. Not my Monkey's not my Circus.
MONKEYS
Apostrophes are never for plurals.
-
Real simple:
start /B /W wmic.exe /interactive:off ComputerSystem Where "Name='%computername%'" Call UnJoinDomainOrWorkgroup FUnjoinOptions=0
You can either do an Enter-PSSession or use psexec.exe to execute. Put a reboot command in a batch and call it a day.
Make sure to create a new glassbreak account local to the PC, so that every machine has a specific account someone can perform work with.