
July 20, 2016 at 3:43 pm

So I'm trying to get rid of an existing computer in the domain; however, I get the following error:
_____________________________________________________________________________________________________________________________
WARNING: Error initializing default drive: 'Unable to find a default server with Active Directory Web Services running.
_____________________________________________________________________________________________________________________________
Below is a demo of my script:
_____________________________________________________________________________________________________________________________
Import-Module Activedirectory
$adifferentcomputer ="itsHostname"
$domain = "mydomain.org"
$password = Get-Content C:\mypassword.txt | ConvertTo-SecureString -asPlainText -Force
$username = "$domain\myusername"
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
Remove-ADComputer -Identity $adifferentcomputer -DomainName $domain -Credential $credential
_____________________________________________________________________________________________________________________________
So is there a way of removing a computer from a target domain without being part of it? Am I even going about this the right way? Any input would be appreciated. Thanks!

July 20, 2016 at 3:46 pm

Try adding the -Server parameter and target a DC of that domain.

July 20, 2016 at 3:52 pm

Right, I would have assumed something along those lines, but Import-Module doesn't seem to support the Server parameter according to TechNet.

Import-Module [-Name] [-Alias ] [-ArgumentList ] [-AsCustomObject] [-Cmdlet ] [-DisableNameChecking] [-Force] [-Function ] [-Global] [-MaximumVersion ] [-MinimumVersion ] [-NoClobber] [-PassThru] [-Prefix ] [-RequiredVersion ] [-Scope {Local | Global} ] [-Variable ] [ ]

Error when I tried "Import-Module activedirectory -server 'mydomain.org\dc-1'"

July 20, 2016 at 4:54 pm

Remove-ADComputer -Server

July 20, 2016 at 4:56 pm

Alternatively, New-PSDrive -Name anotherdomain -PSProvider ActiveDirectory -Root "dc=anotherdomain,dc=com" -Server dc

July 20, 2016 at 5:22 pm

That would have worked great; however, I found yet another workaround. I just invoke the command to the DC.
Something like this, but thanks for the help!

winrm set winrm/config/client `@`{TrustedHosts=`"`dc-1`"`}
$domain = "mydomain.org"
$password = Get-Content password.txt | ConvertTo-SecureString -asPlainText -Force
$username = "$domain\user"
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
Invoke-Command -ComputerName dc-1 -Credential $credential -ScriptBlock {
    param ($domain, $password)
    Remove-ADComputer -Identity olduser -confirm
} -args $domain, $password

July 21, 2016 at 2:40 am

Invoke command to a DC will require domain admin rights, whereas the other methods just require the delete object rights.

Also not a good idea to store domain admin password clear text in a file unless it's a lab.
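
An added example, not part of any post in this thread: the -Server approach suggested above, run from a machine that is not joined to the domain, with the credential kept in a DPAPI-protected file instead of a plaintext password file. The DC name dc-1.mydomain.org, the computer name and the credential file path are assumed placeholders.

```powershell
# Added example. The server name, computer name and credential file path
# below are placeholders (assumptions), not values from a real environment.

# Skip the automatic AD: drive mount. On a non-domain-joined machine it is
# what raises "Error initializing default drive" during Import-Module.
$env:ADPS_LoadDefaultDrive = 0
Import-Module ActiveDirectory

$server   = 'dc-1.mydomain.org'   # a DC running Active Directory Web Services
$computer = 'itsHostname'
$credFile = Join-Path $env:LOCALAPPDATA 'ad-delete.cred.xml'

# First run: prompt once and save. On Windows, Export-Clixml encrypts the
# password with DPAPI, so only this user on this machine can read it back.
if (-not (Test-Path $credFile)) {
    Get-Credential -Message 'Account with delete rights on computer objects' |
        Export-Clixml -Path $credFile
}
$credential = Import-Clixml -Path $credFile

try {
    # Resolve the object first so a mistyped name fails here, not at delete time.
    $target = Get-ADComputer -Identity $computer -Server $server `
                             -Credential $credential -ErrorAction Stop
    Write-Host "Found $($target.DistinguishedName)"

    # -Confirm prompts before the delete is carried out.
    Remove-ADComputer -Identity $target -Server $server `
                      -Credential $credential -Confirm -ErrorAction Stop
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
    Write-Warning "No computer object named '$computer' found on $server."
}
catch {
    Write-Warning "Delete failed: $($_.Exception.Message)"
}
```

Because the call goes straight to the directory rather than through a remote session on the DC, the account only needs delete rights on the target object, as the last reply points out.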