none
Active Directory object reset upon reimage

    Question

  • I recently re-imaged a few computers and reused the same names without removing them from AD first. Group policies are not being applied and I think it is due to not removing them from AD, re-joining domain, then placing them back in their proper OUs'. Is there a way to reset the computer accounts without removing them from AD and re-joining the domain?
    Saturday, April 20, 2013 3:52 AM

Answers

  • To reset the secure channel by using the Active Directory Users and Computers snap-in
    Right-click a computer, and then click Reset Account
    You must rejoin the computer to the domain, and then restart the computer
    or
    dsmod computer "ComputerDN" –reset
    rejoin the computer to the domain, and then restart the computer

    netdom reset MachineName /domain DomainName /UserO UserName /PasswordO {Password | *}
    nltest /server:name /sc_reset:domain\servername
    This commands resets the secure channel by attempting to reset the password on both the computer and the domain, so it does not require rejoining or rebooting. 

    You can also use Windows PowerShell with Active Directory Module to reset a computer account.
    Test-ComputerSecureChannel –Repair 

    In any case
    After reinstalling the operating system on a workstation,  even though you used the same computer name the new installation generates a new SID.


    • Marked as answer by MidiMike Friday, April 26, 2013 2:44 AM
    • Edited by Goce Argirov Friday, April 26, 2013 7:59 AM
    Saturday, April 20, 2013 10:31 AM

All replies

  • To reset the secure channel by using the Active Directory Users and Computers snap-in
    Right-click a computer, and then click Reset Account
    You must rejoin the computer to the domain, and then restart the computer
    or
    dsmod computer "ComputerDN" –reset
    rejoin the computer to the domain, and then restart the computer

    netdom reset MachineName /domain DomainName /UserO UserName /PasswordO {Password | *}
    nltest /server:name /sc_reset:domain\servername
    This commands resets the secure channel by attempting to reset the password on both the computer and the domain, so it does not require rejoining or rebooting. 

    You can also use Windows PowerShell with Active Directory Module to reset a computer account.
    Test-ComputerSecureChannel –Repair 

    In any case
    After reinstalling the operating system on a workstation,  even though you used the same computer name the new installation generates a new SID.


    • Marked as answer by MidiMike Friday, April 26, 2013 2:44 AM
    • Edited by Goce Argirov Friday, April 26, 2013 7:59 AM
    Saturday, April 20, 2013 10:31 AM
  • Thanks alot. All is well
    Friday, April 26, 2013 2:45 AM