Removing a machine from domain using PowerShell

user944655

4/13/23, 8:50 PM

I was tasked to develop a PS script to remove machines from the domain for automation purposes. I am not a full time scripter so i went ahead and did some digging and found this :

"Remove-Computer -UnjoinDomaincredential nsmg\svc_unjoindomain -PassThru -Verbose -Restart -force"

when i run it on my test computer that is currently joined to my company computer i get this error: "Remove-Computer : Failed to unjoin computer 'TX0001QVE7P8I' from domain 'X' with the following error message: Access is denied. At line:1 char:1

Remove-Computer -UnjoinDomaincredential DOMAIN1/DOMAIN ADMIN -PassTh ...

  + CategoryInfo          : OperationStopped: (TX0001QVE7P8I:String) [Remove-Computer], InvalidOperationException
  + FullyQualifiedErrorId : FailToUnjoinDomain,Microsoft.PowerShell.Commands.RemoveComputerCommand"

I have replaced the syntax to match my domain as well as gave it a domain admin account but still getting this error. could you guys tell me what i could possibly be missing?

466

0 + 0

windows

powershell

syntax

Score:1

Server

Massimo

4/13/23, 8:59 PM

As per documentation, the parameter -UnjoinDomainCredential requires a PSCredential object; you can't simply type the credentials in the command line.

You can find more info about how to build a PSCredential object here.

0 + 0

user944655

4/13/23, 9:22 PM

I followed that document as well but I am still getting the same results. I have created what I believe to be the PSCredentials by adding the following parameters below: ____________________________________________________________________________________________________ $domain = "domain" $username = "$domain\username" $password = "password" | ConvertTo-SecureString -asPlainText -Force $credential = New-Object System.Management.Automation.PSCredential($username, $password) Remove-Computer -UnjoinDomaincredential ( $credential ) -PassThru -Verbose -Restart

user944655

4/13/23, 10:01 PM

$credential = New-Object System.Management.Automation.PsCredential("domain\account", (ConvertTo-SecureString "Password" -AsPlainText -Force)) Remove-Computer -UnjoinDomaincredential $credential -WorkgroupName "workgroup" -PassThru -Verbose -Restart

Massimo

4/13/23, 10:47 PM

Make sure the credentials you are using are actually valid and the specified user account has the required permissions to remove the computer from the domain. You can test that by manually performing a domain unjoin on a computer using the same user account.

Massimo

4/13/23, 10:51 PM

Also, you will (of course) need to run your command with local administrator rights. The credentials you are supplying are only used to tell to the domain that you are removing the computer, but you'll also need to run the command itself as a local admin. If you are testing this in PowerShell, remember to use `Run As Administrator`.

user944655

4/14/23, 9:54 PM

Thank you @Massimo, it worked!!

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Removing a machine from domain using PowerShell

TH: การลบเครื่องออกจากโดเมนโดยใช้ PowerShell

RO: Eliminarea unei mașini de pe domeniu folosind PowerShell

RU: Удаление машины из домена с помощью PowerShell

VI: Xóa máy khỏi miền bằng PowerShell

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.