If you have 250 workstations which were a member of non-existing domain and new AD, and wanted to add them back to domain.
How you can remove and add workstations to domain, without performing this operation manually on every workstation?
- Old (1.8) version of NETDOM.EXE tool which was originally released with Windows NT 4.0 Resources Kit. Now You can get it from Microsoft FTP server.
- Latest version of NETDOM.EXE which is a part of support tools.
- PSEXEC.EXE and PSSHUTDOWN.EXE tools from PSTools. First of them will allow us to execute command remotely and second will allow us to perform reboot of the remote machine after operation.
As a first step we need to pull the workstations out from domain. We can do this with old version of NETDOM.EXE (let’s call it netdom18.exe), as it allows us to move workstation to WORKGROUP. We will use PSEXEC to perform this operation remotely:
psexec \\STACJA -u STACJA\Administrator -c netdom18.exe MEMBER \\STACJA /JOINWorkgroup WORKGROUP
With -c switch our tool will get copied on remote machine before execution. This command will join workstation named STACJA to workgroup WORKGROUP. Now we have to perform remote reboot of this workstation as old version of NETDOM can’t do this automatically:
psshutdown.exe -r -u STACJA\Administrator \\STACJA
Now we have to add this workstation back to domain. If its account exists in domain maybe we should think about performing reset on this account. To add workstation to domain we will use current version of NETDOM.EXE:
psexec \\STACJA -u STACJA\Administrator -c netdom.exe JOIN STACJA /DOMAIN:W2K.PL /UserD:W2k\Administrator /passwordD:* /UserO:Administrator /PasswordO:* /Reboot
Note: * should be replaced with correct password.
This time reboot will be performed by NETDOM tool. And this is basically it. What is worth to remember is that NETDOM allows us not only to add workstation to domain using specific OU, but also we can do this on specific DC in the domain.