Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Rejoining to Domain After Secure Channel Fix

  • Filter
  • Time
  • Show
Clear All
new posts

  • Rejoining to Domain After Secure Channel Fix

    Dear People

    I know that after resetting a computer from DSMOD or ADUC I will have to rejoin and restart the machine.

    1. As I know the SID of the computer will be lost if I Rejoin via going to Workgroup, is it true.
    2. What will actually happen if I go to Workgroup and rejoin to domain.
    3. What is the method for Rejoining a domain without Unjoining.

    Thank You

  • #2
    The SID doesn't change in AD unless you delete & recreate the computer object. The normal (tedious) way of resetting a machine on a domain is:
    *-join the client PC to a workgroup (don't delete the AD object)
    *-right-click the computer object in AD, select 'Reset computer' which resets the object's password
    *-re-join the computer to AD. Done.

    You can reset the secure link between a computer and AD (esetting the object's password) by running a command from the client. Using older tech this is done with 'netdom'. But netdom has been dropped from newer OS deployments, so you can use Powershell to do the same thing. For the Powershell option, have a read here:

    For credentials there, run your Powershell session with admin privileges. If you want to use the older 'netdom' option, but you can't find 'netdom' on your client PC, you can copy the 2 needed files and run a single command, then reboot, per this article:
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **


    • #3
      Dear RicklesP

      Thank you for the reply. Do you mean to say that even if I change from domain to workgroup and then again to the domain the computer object will remain as it is and will not be deleted thus the SID change will not happen. Same thing for the DSMOD computer reset also right? And also should I come back to workgroup and then to domain after password reset or before the password reset.?