unjoining computer from domain - does it delete the computer accou

Discussion in 'Active Directory' started by swat, Apr 21, 2009.

  1. swat

    swat Guest

    hi, this may hv been asked b4, but i hv not been able to find any conclusive
    info on this yet.

    Basically, if I unjoin a computer from a domain, what should happen to the
    computer account? Should it be immediately removed automatically? Or should
    it be disabled after a period of time (how long is this 'period'?) and then
    removed automatically? Or shd it remain unchanged in the AD until it is
    manually disabled or removed?

    I am not too sure what shd happen because in the AD, i see some accounts
    disabled. Also my own experiment to determine this, after unjoining the
    domain, no change to the particular acct for almost 2 weeks already.

    So I would like to find out whats the expected behaviour so that I can
    confirm if things are working as they shd or if I am missing something here...

    Thank you.
     
    swat, Apr 21, 2009
    #1
    1. Advertisements

  2. Hello swat,

    If you unjoin a computer from the domain, it will be shown as disabled direct.
    To see the change you have to refresh the view. If you say you don't see
    it after 2 weeks, this is strange.

    Do you have more then one DC? Please describe a bit more your domain setup.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Apr 21, 2009
    #2
    1. Advertisements

  3. swat

    swat Guest

    Hi

    Yes, there are multiple DCs in my environment. But even if due to
    replicatoin, it shd not take too long.

    So its supposed to be disabled direct and removal will hv to be done manually?

    Perhaps the account I am using does not hv sufficient rights to do this?

    Thanx.
     
    swat, Apr 21, 2009
    #3
  4. Hello swat,

    If you disjoin a computer from domain, it is disable and placed in the
    computers container in AD (should have a red on it). And you can then go to
    computers container and manually remove object.

    Isaac
     
    Isaac Oben [MCITP:EA, MCSE], Apr 21, 2009
    #4
  5. Hit F5 after the unjoin, you should see a change. The icon (Computer
    object) will still be there so you will have to manually remove the object
    (Delete it).
     
    Paul Bergson [MVP-DS], Apr 21, 2009
    #5
  6. swat

    swat Guest

    Hi

    This i do not see happening. If the computer acct is in another OU, when
    unjoining it, the hostname definitely does not move to the default Computers
    OU..
     
    swat, Apr 21, 2009
    #6

  7. As advised by others, no, it does not get automatically removed. You will
    need to delete it manually.

    If you've hit the F5 key to refresh, or close the ADUC and re-open it, and
    you are still not seeing the red X on the machine account after you
    disjoined it, then it is telling me there is something else going on with
    AD. This can be based on a number of things, such as a multhomed DC (more
    than one NIC or IP) or a DNS misconfiguration, which are the two leading
    causes.

    To better assist to insure you do not have any AD problems, please post an
    unedited ipconfig /all of one of two (2) of your DCs, and of a sample
    workstation. This will help us eliminate basic issues.

    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
    Microsoft Certified Trainer


    For urgent issues, you may want to contact Microsoft PSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [Microsoft Certified Trainer], Apr 21, 2009
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.