Remove a Computer from an Active Directory Domain

When you remove a computer from a domain, AD Bridge retains the settings that were made to the computer's configuration when it was joined to the domain.

As of AD Bridge 9.1.0, the user interface no longer removes computers from a domain. Computer removals from a domain must be performed by using the command line. For documentation about previous versions of AD Bridge, please see the BeyondTrust AD Bridge Documentation Archives.

Remove through the Command Line

Using sudo, execute the following command in Terminal:

sudo /opt/pbis/bin/domainjoin-cli leave

Remove the Computer Account in Active Directory

By default, when you remove a computer from a domain, the computer account in Active Directory is not disabled or deleted.

To disable a computer account in an Active Directory domain, execute the following command:

domainjoin-cli leave userName

Example:

domainjoin-cli leave brsmith

You will be prompted for the password of the user account.

To delete a computer account in an Active Directory domain, execute the following command:

domainjoin-cli leave --deleteAccount userName

Example:

domainjoin-cli leave --deleteAccount brsmith

You will be prompted for the password of the user account.

Uninstall AD Bridge

Execute the following command in Terminal:

sudo /opt/pbis/bin/macuninstall.sh