Can't rejoin computer to domain without deleting computer account

[COMPUTERTECH33]

Hi all. I have a 2K3 AD domain. Our company has three domains. DUring testing, I have joined domain 1 which is 2003 AD, then jointed an NT 4.0 domain without issue. I then try to rejoin the domain 1 (2003 AD domain) but cannot. I get an error about a missing domain controller. I verified that my ip range and DNS is correct.

I deleted the existing computer account and then successfully rejoined the domain?

Does anyone know why I would have to delete the computer account?

Thanks

 

[ShackDaddy]

Because a special SID was created for you when you first joined the W2K3 domain and it allowed your computer to be trusted whenever it interacted with the domain. When you joined the other domain, your computer removed its SID and took a new SID from the NT domain.

When you tried to rejoin the original domain, it thought that there was already a computer with your name that had a specific SID, but since you no longer had that SID, it rejected communications with your computer. Once you remove the computer account, the DC realizes that you aren't an imposter pretending to be a member of the domain, but that you are just a computer wanting to join the domain.

ShackDaddy
Shackelford Consulting

 

[djtech2k]

I would first try going into AD and resetting the account, then telling your machine to rejoin. If that does not work, then just whack the account and rejoin.