How to remove\add workstation from\to domain remotely?

If you have 250 workstations which were a member of non-existing domain and new AD, and wanted to add them back to domain. 

How you can remove and add workstations to domain, without performing this operation manually on every workstation?

Required resources:

  1. Old (1.8) version of NETDOM.EXE tool which was originally released with Windows NT 4.0 Resources Kit. Now You can get it from Microsoft FTP server.
  2. Latest version of NETDOM.EXE which is a part of support tools.
  3. PSEXEC.EXE and PSSHUTDOWN.EXE tools from PSTools. First of them will allow us to execute command remotely and second will allow us to perform reboot of the remote machine after operation.

As a first step we need to pull the workstations out from domain. We can do this with old version of NETDOM.EXE (let’s call it netdom18.exe), as it allows us to move workstation to WORKGROUP. We will use PSEXEC to perform this operation remotely:

psexec \\STACJA -u STACJA\Administrator -c netdom18.exe MEMBER \\STACJA /JOINWorkgroup WORKGROUP

With -c switch our tool will get copied on remote machine before execution. This command will join workstation named STACJA to workgroup WORKGROUP. Now we have to perform remote reboot of this workstation as old version of NETDOM can’t do this automatically:

psshutdown.exe -r -u STACJA\Administrator \\STACJA

Now we have to add this workstation back to domain. If its account exists in domain maybe we should think about performing reset on this account. To add workstation to domain we will use current version of NETDOM.EXE:

psexec \\STACJA -u STACJA\Administrator -c netdom.exe JOIN STACJA /DOMAIN:W2K.PL /UserD:W2k\Administrator /passwordD:* /UserO:Administrator /PasswordO:* /Reboot

Note: * should be replaced with correct password.

This time reboot will be performed by NETDOM tool. And this is basically it. What is worth to remember is that NETDOM allows us not only to add workstation to domain using specific OU, but also we can do this on specific DC in the domain.



One thought on “How to remove\add workstation from\to domain remotely?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s