我有一个用于测试目的的域控制器设置,其中有一台 Windows 10 工作站加入该域。
假设我想删除当前的 DC 并部署一个具有相同 IP 但不同域名的新 DC。
使用 PowerShell 脚本,仅当域控制器关闭或防火墙规则阻止与 DC 的通信时,Remove-Computer 才会成功。
如何使用 PowerShell 自动并成功脱离工作站,而无需先关闭 DC 或添加防火墙规则?
这是我用来离开域(如果已加入域)然后加入新域的脚本。
Write-Host "Attempting to join this workstation to the domain..."
$password = ConvertTo-SecureString 'mypassword' -AsPlainText -Force
$credentials = New-Object System.Management.Automation.PSCredential ("HOMELAB\Administrator", $password)
$rule = Get-NetFirewallRule -DisplayName DOMAINCONTROLLER -ErrorAction SilentlyContinue
$isDomainMember = (Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain
if ($isDomainMember) {
Write-Host "Leaving domain..."
if($rule -eq $null) {
Write-Host "Adding firewall rule to block domain"
$addrule = New-NetFirewallRule -DisplayName DOMAINCONTROLLER -Direction Outbound –LocalPort Any -Protocol TCP -Action Block -RemoteAddress 192.168.239.144
}
$result = Remove-Computer -PassThru -Force -ErrorAction SilentlyContinue
}
if (Get-NetFirewallRule -DisplayName DOMAINCONTROLLER -ErrorAction SilentlyContinue) {
Write-Host "Removing firewall rule"
Remove-NetFirewallRule -DisplayName DOMAINCONTROLLER
}
$join = Add-Computer -DomainName homelab.local -Credential $credentials -PassThru -ErrorAction SilentlyContinue
if ($join.HasSucceeded) {
Write-Host -BackgroundColor Green -ForegroundColor Yellow "Success!"
} else {
Write-Host -BackgroundColor Red -ForegroundColor Yellow "Fail"
}
谢谢!