Is there a way to remove the sid for a machine from AD in windows 2000 I added a machine to the domain that I should not have.
How do I go about removing its SID from the domain....
You cannot remove the SID. You delete the computer object from active directory users and computers, and after about 90 days, windows will purge it from the AD Database in a process called "tombstoning" (think WINS).
If you don't' want that machine to be able to log onto the domain, go back and tell it that it belongs to a workgroup.
When you joined it to the domain, a computer account was generated in active directory. Delete or dissable that account.
Note: even if a computer isn't a member of the domain, it can still get a DHCP address and register itself with DNS and WINS. It just can't access domain resources.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.