Share via

Remove computer from domain using powershell

Spong 20 Reputation points
2023-10-10T12:48:21.15+00:00

Hello i cam trying to remove my computer from my domain via powershell
i am using this code

Remove-Computer -UnjoinDomaincredential Spongs -PassThru -Verbose -Restart

i run powershell on my local user as admin but the error saying it is denied

Remove-Computer : Failed to unjoin computer 'DESKTOP-H8P7RM8' from domain 'Sponges.local' with the following error
message: Access is denied.
At line:1 char:1
+ Remove-Computer -UnjoinDomaincredential Spongs -PassThru -Verbose -Re ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (DESKTOP-H8P7RM8:String) [Remove-Computer], InvalidOperationException
    + FullyQualifiedErrorId : FailToUnjoinDomain,Microsoft.PowerShell.Commands.RemoveComputerCommand
Windows for business Windows Server User experience PowerShell
Windows for business Windows Server User experience Other
Windows for business Windows Client for IT Pros User experience Other
0 comments
Accepted answer
  1. Ali AlEnezi 1,081 Reputation points
    2023-10-11T05:49:54.54+00:00

    Hello Spong,

    The error message "Access is denied" indicates that the credentials you provided (or did not provide) do not have the necessary permissions to unjoin the computer from the domain.

    Here's how you can attempt to resolve the issue:

    Ensure Administrative Privileges: Make sure you're running PowerShell as an administrator, which you mentioned you're doing.

    Provide Domain Credentials: The syntax you provided for the Remove-Computer command appears to be incorrect for the -UnjoinDomainCredential parameter. You should be prompted for a username and password for a domain account that has permissions to unjoin computers from the domain.

    Here's the correct way to use the -UnjoinDomainCredential parameter:

       $credential = Get-Credential
   Remove-Computer -UnjoinDomainCredential $credential -PassThru -Verbose -Restart
    1. Ensure Account Permissions: The account you use to unjoin the machine from the domain needs to have sufficient privileges. Typically, domain admins or accounts with delegated permissions to manage computer objects can perform this action. If you're unsure, consult your domain administrators or check the permissions on the computer object within Active Directory.
    2. Alternate Method: If you continue to face issues, you can always revert to using the traditional method by going through the System Properties -> Computer Name -> Change settings -> Change and then selecting to unjoin from the domain. This method will also require domain credentials with sufficient permissions.

    If after all these steps, you're still having problems, there might be other issues at play, such as network connectivity problems, AD replication issues, or other domain-related problems that need to be investigated.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.