A Domain provides single user login from any computer connected to that network within the network perimeter. Users are allowed (or restricted) to access resources depending upon the permissions they have. If your Windows 10 PC is joined to a domain, you can remove the PC from the domain if needed.
My account is associated with the Active Directory of a previous company I was working at.
What is the best way to unbind my account from the AD without losing my files? I have admin access to the machine, and all the files are locally available.
The account is admin/managed and mobile.
1 Answer
- Login to a different admin account.
- Delete your account, choosing 'Don't change the home folder' option.
- Open Terminal and rename your home folder, eliminating the ' (Deleted)' part -- sudo mv '/Users/yourshortname (Deleted)' /Users/yourshortname
- Unbind your machine (Login Options tab, at the bottom)
- Create a new account with the same short name.
- Use the existing folder, when you're prompted.
An update to my comment of Sep 6 at 15:24 and part of #4 -- Apple has just issued a supplemental update that fixes this loophole. The text of their security announcement is:
APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update
OS X v10.8.5 Supplemental Update is now available and addresses the following:
Directory Services
Available for: OS X Mountain Lion v10.8 to v10.8.5
Impact: A local user may modify Directory Services records with system privileges
Description: A logic issue existed in Directory Services's verification of authentication credentials allowing a local attacker to bypass password validation. The issue was addressed through improved credential validation.
CVE-ID
CVE-2013-5163 : the rookies of 42
I lost my domain controller machine and then added a new domain controller, but with a new domain. How do I remove network machines from the old domain using the command line and add them to the new domain? The machines are running Windows Server 2008 Core (command line only).
works only on domain controller.
When I try to exit from the old domain, the console requests a username and password to exit. I type them, and then get the error 'Could not connect to domain' (the old domain controller no longer exists).
What to do?
1 Answer
Try netdom remove computername /Domain:domain /UserD:user /PasswordD:* /Force
Type netdom remove /? for the full command usage. The /Force option is what you're looking for. Per the help:
Forces the unjoin of the machine from the domain even if the domain is not found or does not contain the matching computer object.
To join the members to the new domain: netdom join computername /Domain:domain /UserD:user /PasswordD:*
Again, type netdom join /? for help with the command usage.