Sign in to follow this  
Followers 0
Dalex

Disjoin PC from domain

9 posts in this topic

I am working on a PC refresh project for my company, I have written a GUI script that finds various files then copies them to a network share and when the new pc is logged on it will look for those files (according to username) and restore them. I have all that working correctly.

My problem is:

The last thing I want the script to do is remove itself from the domain and reboot. I have found many threads on the subject here, but no one has potsed a solid answer.

I though of using Netdom.exe, but that requires the .exe to reside on the system.

I have found a .vbs that works. I could wrie the .vbs to the drive and execute it but I would rather have it converted to .au3. I have made an attempt bu thave gotten stuck on the last line. Can anyone look at what I have to see if it looks correct and also get me pointed in the right direction o the last line?

Also, if there is a better way to do it I am all ears! Thanks, for any help!

I was using UEZ's example here: to convert what I have. (Thanks UEZ)

#cs .vbs source that I am trying to convert, I
strComputer = "."
Set sys = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2:Win32_ComputerSystem.Name='" & strComputer & "'")
result = sys.UnjoinDomainOrWorkGroup()
#ce

;Below is my partial attempt to convert
Global $strComputer = @ComputerName
Global $oSys = ObjGet ("winmgmts:\\" & $strComputer & "\root\CIMV2:Win32_ComputerSystem.Name='" & $strComputer & "'")

[size="2"][u]Beer is living proof that God loves us and wants us to be happy.-- Ben Franklin[/u][/size]

Share this post


Link to post
Share on other sites



Try my AD UDF function _AD_UnJoinDomain.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Water, that is very slick , but I want this to happen locally and not have to contact the AD. Am I looking at it wrong?


[size="2"][u]Beer is living proof that God loves us and wants us to be happy.-- Ben Franklin[/u][/size]

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Can you try these functions please?

$ret = WMI_JoinDomWG2(@ComputerName, @ComputerName & "testgrp")
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $ret = ' & $ret & @crlf & '>Error code: ' & @error & @crlf) ;### Debug Console

Func WMI_JoinDomWG($sComputer, $sDomain, $sDomUser = "", $sDomPwd = "", $sRemoteUser = "", $sRemotePwd = "") ;http://msdn.microsoft.com/en-us/library/windows/desktop/aa392154(v=vs.85).aspx
    Local Const $JOIN_DOMAIN = 0x00000001
    Local Const $ACCT_CREATE = 0x00000002
    Local Const $ACCT_DELETE = 0x00000004
    Local Const $WIN9X_UPGRADE = 0x00000010 ;16
    Local Const $DOMAIN_JOIN_IF_JOINED = 0x00000020 ;32
    Local Const $JOIN_UNSECURE = 0x00000040 ;64
    Local Const $MACHINE_PASSWORD_PASSED = 0x00000080 ;128
    Local Const $DEFERRED_SPN_SET = 0x00000100 ;256
    Local Const $INSTALL_INVOCATION = 0x00040000 ;262144

    Local Const $ping = Ping($sComputer, 250)
    If @error Then Return SetError(1, 0, 0)
    Local Const $objWMILocator = ObjCreate("WbemScripting.SWbemLocator")
    Local Const $objWMIService = $objWMILocator.ConnectServer($sComputer, "rootcimv2", $sRemoteUser, $sRemotePwd, "", "", 128)
    If @error Then Return SetError(2, 0, 0)
    Local $objJoin = $objWMIService.Get("Win32_ComputerSystem.Name='" & $sComputer & "'")
    If IsObj($objJoin) Then Return $objJoin.JoinDomainOrWorkGroup($sDomain, $sDomPwd, $sDomain & "" & $sDomUser, "", $JOIN_DOMAIN)
    Return SetError(3, 0, 0)
EndFunc

Func WMI_JoinDomWG2($sComputer, $sDomain, $sDomUser = "", $sDomPwd = "") ;http://msdn.microsoft.com/en-us/library/windows/desktop/aa392154(v=vs.85).aspx
    Local Const $JOIN_DOMAIN = 0x00000001
    Local Const $ACCT_CREATE = 0x00000002
    Local Const $ACCT_DELETE = 0x00000004
    Local Const $WIN9X_UPGRADE = 0x00000010 ;16
    Local Const $DOMAIN_JOIN_IF_JOINED = 0x00000020 ;32
    Local Const $JOIN_UNSECURE = 0x00000040 ;64
    Local Const $MACHINE_PASSWORD_PASSED = 0x00000080 ;128
    Local Const $DEFERRED_SPN_SET = 0x00000100 ;256
    Local Const $INSTALL_INVOCATION = 0x00040000 ;262144

    Local Const $ping = Ping($sComputer, 250)
    If @error Then Return SetError(1, 0, 0)
    Local Const $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!" & $sComputer & "rootcimv2:Win32_ComputerSystem.Name='" & $sComputer & "'")
    Return $objWMIService.JoinDomainOrWorkGroup($sDomain, $sDomPwd, $sDomain & "" & $sDomUser, "", $JOIN_DOMAIN)
EndFunc

Func WMI_UnjoinDom($sComputer, $p_UserName, $p_Password) ;http://www.scriptinternals.com/new/us/support/Internal/WMI_Win32_ComputerSystem_UnjoinDomainOrWorkgroup.htm
    Local Const $objWMI = ObjGet("winmgmts:{impersonationLevel=impersonate}!" & $sComputer & "rootcimv2")
    Local Const $strWQL = "select * from Win32_ComputerSystem"
    Local Const $objInstances = $objWMI.ExecQuery($strWQL, "",48)
    Local $objInstance, $intResult, $p_FUnjoinOptions = 0
    For $objInstance In $objInstances
        $intResult = $objInstance.UnjoinDomainOrWorkgroup($p_Password, $p_UserName, $p_FUnjoinOptions)
        If Not $intResult Then Return 1
        Return SetError(1, 0, 0)
    Next
EndFunc

Please post the results!

Br,

UEZ

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites

Sorry UEZ for my ignorance, is this what you mean?

WMI_JoinDomWG:

@@ Debug(6) : $ret = 2691

WMI_JoinDomWG2:

@@ Debug(6) : $ret = 2691

WMI_JoinDomWG3:(error)

C:UsersDalexDesktopNew AutoIt v3 Script.au3(47,32) : ERROR: WMI_JoinDomWG3() called by a previous line with 2 arg(s). Max = 1. First previous line calling this Func is 5.

Func WMI_JoinDomWG3($sComputer)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^


[size="2"][u]Beer is living proof that God loves us and wants us to be happy.-- Ben Franklin[/u][/size]

Share this post


Link to post
Share on other sites

I decided to take the easy way out.......

$Unjoinfile = _FileCreate(@UserProfileDir & "Unjoin.vbs")
  _FileWriteToLine($Unjoin,1, 'strComputer = "' & @ComputerName & '"' )
  _FileWriteToLine($Unjoin,2, "Set sys = GetObject("  & '"' & 'winmgmts:' & '"' & ' & strComputer & ' & '"' & 'rootCIMV2:Win32_ComputerSystem.Name=' &"'" & '"' & ' & strComputer & ' & '"' & "'" & '"' &  ')' )
  _FileWriteToLine($Unjoin,3, "result = sys.UnjoinDomainOrWorkGroup()")
  ShellExecute($Unjoin)

[size="2"][u]Beer is living proof that God loves us and wants us to be happy.-- Ben Franklin[/u][/size]

Share this post


Link to post
Share on other sites

Thanks for your reply but I'm more interested whether one of the functions is working. Regarding the return code: I don't know yet what the codes are meaning.

I did some changes to the 3rd function which is similar to the vbs code you used. Can you please the it again and tell me whether the computer "unjoinded" the domain?

Br,

UEZ


Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites

Dalex,

When a computer joins a domain a connection between the computer and a computer account in AD is established. The unjoin function drops this connection and therefore must be able to contact the AD.

My function does this for you:

_AD_Open()
_AD_UnJoinDomain("Computername")
_AD_Close()

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Dalex, I am having an issue with unjoining/deleting pc from domian using AUTOIT script. Here's what i am doing. the machines get re-image without being deleted/removed from the domain. There is an automated script that kicks off on 1st startup that names the machine the same as it was before, and tries to join it to the domain. Being that the pc name is still on the domain I get error 2224, The computer account already exist. When 2224 comes the script tries to run code below to remove from the domain only to get error 2692

$intReturn = $objComputer.UnjoinDomainOrWorkgroup _

($strPassword, $strDomain & "\" & $strUser, 0)

MsgBox (0, "Returnvalue:", $intReturn, 2)

I am having no luck using your function and now I am unsure which of yours I need to be using, _AD_DeleteObject or _AD_UnJoinDomain and the syntax with either of the two.

Any help would be great.

Thanks!

T. Carter

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0