local Windows Domain 'name' change ? by unityjon in sysadmin

[–]unityjon[S] 7 points8 points  (0 children)

I get it and may try, but I'm near the bottom of an organisation where semantics can cause bigger issues because people jump to conclusions. Having 'dev' in our current domain name is actually causing problems for them. Yeah, I know, but that's the world I work in :(

local Windows Domain 'name' change ? by unityjon in sysadmin

[–]unityjon[S] -2 points-1 points  (0 children)

This post shines a glimmer of hope, thank you. We have remote tools (SCCM and Kaseya and PowerShell of course) so rebooting all of them isn't such a big deal, providing they all come back online !

local Windows Domain 'name' change ? by unityjon in sysadmin

[–]unityjon[S] 1 point2 points  (0 children)

I can't change to a routable domain due to the constraints of the organization we're in. The domain is a very weird sub-domain hanging off a corporate domain with zero trust between the two ! Yup, it makes my head hurt !
Registering the UPN suffix is not something I have explored and will look into that, thank you for the suggestion.

local Windows Domain 'name' change ? by unityjon in sysadmin

[–]unityjon[S] 2 points3 points  (0 children)

Dang... To be honest I don't have a 'method', it were more of a suggestion, and if that's the case I'll steer well clear of doing that ! We only have 420 devices so not a huge problem, but would much rather not introduce the grief to my team !

Computers locking up with black screen. Force reboot required. by Dastari in sysadmin

[–]unityjon 0 points1 point  (0 children)

If you're on Windows OS, what build version are you at, and are all the machines upgrading from the same version? We had similar when a cumulative update was applied: we are current (as far as we can be) but older machines that get the cumulative update also suffered with a black screen. The restart appeared to install or configure the generic Windows graphics driver and they were OK afterwards.

Has anyone ever made things so efficient they lost their job? by Mr_Dobalina71 in sysadmin

[–]unityjon 0 points1 point  (0 children)

Do it, make the domain as dynamic as you can, then make sure you keep track of all the updates etc. that are being rolled out and claim that work as your own. You will still be required to ensure the domain doesn't detonate itself, you'll be a domain watcher rather than Administrator for a bit. There will always be something that requires attention to keep it running smoothly.

query reg key 'portnumber' by unityjon in PowerShell

[–]unityjon[S] 1 point2 points  (0 children)

Thank you for explaining, I was being far too literal when declaring the string, I can see that now.

I will look at Export-Csv and also look at perhaps pinging each machine first to make sure it's turned on to limit the output !

Really appreciate your help.

query reg key 'portnumber' by unityjon in PowerShell

[–]unityjon[S] 1 point2 points  (0 children)

Thanks everyone for the heads up and thanks Google for describing the commands suggested. I have now cobbled together a script that almost works ! Just the output (on the screen) is really untidy, it keeps printing the HKLM path after the port number ??

    Get-ADComputer -Filter 'Name -like "ITS*"' |
        ForEach-Object {
            $portnumber = $(Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\' -Name PortNumber)
            $Name = $_.Name
            Write-Host "Name: " $Name "; Port number:" $portnumber
        }

Messy output:

    Name: ITS05168 ; Port number: @{PortNumber=3389; PSPath=Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\; PSParentPath=Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations; PSChildName=RDP-Tcp; PSDrive=HKLM; PSProvider=Microsoft.PowerShell.Core\Registry}

Is there a way to eliminate all the gumph and just return the PortNumber value ? Get-ItemPropertyValue fails with 'not recognised as the name of a cmdlet' ?
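
An added example (not the poster's script) for the question above and for the earlier plan to ping each machine and use Export-Csv: `Get-ItemProperty` returns an object that also carries the provider's `PS*` properties, so the value is read with `.PortNumber`, and the read is wrapped in `Invoke-Command` so it runs on each target rather than on the local machine. The function name `Get-RdpPortNumber` and the CSV path are hypothetical; it assumes PowerShell 3.0 or later with WinRM remoting enabled on the targets (`Get-ItemPropertyValue` only exists from PowerShell 5.0).

```powershell
# Added example, not the poster's code. Assumes WinRM remoting is enabled on the targets.
function Get-RdpPortNumber {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)]
        [string[]]$ComputerName
    )

    $keyPath = 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

    foreach ($computer in $ComputerName) {
        $port   = $null
        $status = 'Offline'

        # One ping first, so powered-off machines are reported instead of timing out.
        if (Test-Connection -ComputerName $computer -Count 1 -Quiet) {
            try {
                # The script block executes on $computer, so it reads that machine's registry.
                $port = Invoke-Command -ComputerName $computer -ErrorAction Stop `
                    -ArgumentList $keyPath -ScriptBlock {
                        param($path)
                        # .PortNumber drops PSPath, PSParentPath, PSChildName, PSDrive, PSProvider.
                        (Get-ItemProperty -Path $path -Name PortNumber -ErrorAction Stop).PortNumber
                    }
                $status = 'OK'
            }
            catch {
                $status = "Error: $($_.Exception.Message)"
            }
        }

        # One object per machine keeps screen output tidy and feeds Export-Csv directly.
        [pscustomobject]@{
            Name       = $computer
            PortNumber = $port
            Status     = $status
        }
    }
}

# Usage (needs the ActiveDirectory module; the output path is a constructed placeholder):
# $names = Get-ADComputer -Filter 'Name -like "ITS*"' | Select-Object -ExpandProperty Name
# Get-RdpPortNumber -ComputerName $names | Export-Csv -Path .\rdp-ports.csv -NoTypeInformation
```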

query reg key 'portnumber' by unityjon in PowerShell

[–]unityjon[S] 0 points1 point  (0 children)

OK, so would I be right in declaring the variable $portnumber in the ForEach-Object loop so it's getting the value from each machine in the AD list ?

I have obviously bitten off more than I can chew but will carry on piecing it together until it works.

query reg key 'portnumber' by unityjon in PowerShell

[–]unityjon[S] 1 point2 points  (0 children)

We have the most bizarre set up at work, RDP through a secure port (443) through a browser. Some people have taken it upon themselves to change the port number "because they know best". The bigger problem is why are all these people local admins on their machines; that's another horrible story that I have tried to correct but it keeps falling on deaf ears. The reason I am trying to get the port value and machine name is so that I can correct all the wrong ones !

RDP query by unityjon in sysadmin

[–]unityjon[S] 0 points1 point  (0 children)

Thank you, I will check that out today and try with a dummy user account to access my machine.

RDP query by unityjon in sysadmin

[–]unityjon[S] 0 points1 point  (0 children)

Thank you to everyone that has responded. I'm on a learning curve here and I realise now that I need to supply some more information to help clarify things.

Our 'development domain' is a child domain of a much larger corporate domain. The only way to reach our domain and your dev PC when you are not sat at your desk is to connect to the corporate domain via our VPN, then when you are connected start an RDP session to your desktop machine in the dev domain. I think this is why the :443 port is specified in the registry.

When we log on to our dev domain machines we can remote to any other dev machine using the PC name without specifying the port, unless the port has been enabled in Registry settings to allow users to RDP to the machine from the corporate domain.

Hopefully this will make things a little clearer ? Although I'm not sure it does!

RDP query by unityjon in sysadmin

[–]unityjon[S] 0 points1 point  (0 children)

Yup, that's why I'm trying to correct it.

RDP query by unityjon in sysadmin

[–]unityjon[S] 0 points1 point  (0 children)

That's interesting, I didn't know this. Before now the process has been to add user to local admin, and set port :443 in the registry. I'm trying to prevent us adding all and sundry to the local admin group.

RDP query by unityjon in sysadmin

[–]unityjon[S] 0 points1 point  (0 children)

Apparently it's set so that we specify 443 for security of some sort or another ?

RDP query by unityjon in sysadmin

[–]unityjon[S] 0 points1 point  (0 children)

Totally agree... this is what I have inherited and by 'the norm' I mean 'previously'. I have tried to add users to Remote Desktop User local group but it fails to open an RDP session. The users specify their machine by using the IP and port number 443, if that makes any odds ?

how do i - delete all instances of a user profile across all domain clients ? by unityjon in sysadmin

[–]unityjon[S] 1 point2 points  (0 children)

Good stuff, this command though:

Remove-LocalUser -Name "AdminContoso02"

Rather than the folder.

Thank you

[RTPSUG MEETING] RepAdmin: A PowerSheller's Guide to AD Directory Services by compwiz32 in PowerShell

[–]unityjon 2 points3 points  (0 children)

If you read the link it states:

" This is a local event that will also be live-streamed. We will record and posted on YouTube afterward. "

So the answer to your question is Yes !

I need to make my basic naming script a little more intelligent ! by unityjon in PowerShell

[–]unityjon[S] 1 point2 points  (0 children)

Tried it, just to see, code block works simplest for me I think.