Removing Windows Clients from a non-existent domain

In this post we discuss removing windows clients (xp, etc.) from a domain that no longer exists, or which you no longer have access.

In the course of migrating a small group of computers to a new Linux server running file and print services, I realized that I had to first remove the client machines from a windows domain that no longer existed due to catastrophic hardware failure.

While I had local administrative access, I could not change the clients to workgroup membership, as this step requires authenticating to the domain as an domain administrator.

What to do: Recreate the domain temporarily, and remove the clients from the domain.

On the server side:

  • Navigate over to the “Technet Evaluation Center” and download an evaluation copy of Microsoft Server. You’re going to need to be patient as the download is a few gigabytes.
  • Load the server operating system on your hardware/VM
  • Install the “Dot Net” feature
  • Download updates
  • Configure a static address, setting the machine’s IP address as it’s DNS server’s address
  • Remove internet access from the attached local network
  • Add the “Domain Services” role
  • Run “dcpromo” in an administrative command shell, you’ll need to use the same domain naming schema as the missing domain
  • Create a new user and add them to the domain administrator’s group

On the client side:

  • Set a static IP address to be on the same subnet as the server. You’ll want to set IP address for the default gateway and DNS server to be the address of the newly created domain controller.
  • Navigate to system properties – computer name, then click change
  • Set it to workgroup mode, it will then ask you for the credentials of a domain administrator
  • Give the the credentials of the domain administrator that you created on the temporary domain controller
  • Reboot the client machine

That’s all there is to removing the client from domain membership.