DocumentationRelease Notes
Documentation

Leave a domain and uninstall the AD Bridge agent

Suggest Edits

You can remove a computer from a domain without necessarily disabling or deleting the computer's account in Active Directory. If needed, you can uninstall the AD Bridge agent from a client computer.

Leave a domain

When a computer is removed from a domain, AD Bridge retains the settings that were made to the computer's configuration when it was joined to the domain. Changes to the nsswitch module are also preserved until you uninstall AD Bridge, at which time they are reverted.

Before leaving a domain, run the following command to view the changes that will take place:

domainjoin-cli leave --advanced --preview domainName

Example:

[root@rhel4d example]# domainjoin-cli leave --advanced --preview example.com
Leaving AD Domain:    EXAMPLE.COM
[X] [S] ssh                  - configure ssh and sshd
[X] [N] pam                  - configure pam.d/pam.conf
[X] [N] nsswitch             - enable/disable  nsswitch module
[X] [N] stop                 - stop daemons
[X] [N] leave                - disable machine account
[X] [N] krb5                 - configure krb5.conf
[F] keytab                   - initialize kerberos keytab
      
Key to flags     
[F]ully configured           - the system is already configured for this step
[S]ufficiently configured    - the system meets the minimum configuration requirements for this step
[N]ecessary                  - this step must be run or manually performed
[X]                          - this step is enabled and will make changes
[ ]                          - this step is disabled and will not make changes

Remove a Linux or Unix computer from a domain

To remove the computer, use a root account or a user with sudo rights to run the following command:

/opt/pbis/bin/domainjoin-cli leave

Disable the computer account in Active Directory

By default, a computer account in Active Directory is not disabled or deleted when the computer is removed from the domain.

To disable but not delete the computer account, include the user name as part of the leave command. You will be prompted for the user account password:

/opt/pbis/bin/domainjoin-cli leave userName

Remove the computer account in Active Directory

To delete the computer account, use the option --deleteAccount and include the user name as part of the leave command.

ℹ️

Note

You will be prompted for the password of the user account.

/opt/pbis/bin/domainjoin-cli leave --deleteAccount userName

Uninstall the agent on a Linux or Unix computer

You can uninstall AD Bridge by using a shell script or by using a command.

Use a shell script to uninstall

⚠️

Important

Before uninstalling the agent, you must leave the domain. Then execute the uninstall command from a directory other than pbis so that the uninstall program can delete the pbis directory and all its subdirectories. For example, execute the command from the root directory.

If you installed the agent on a Linux or Unix computer by using the shell script, you can uninstall the AD Bridge agent from the command line by using the same shell script with the uninstall option.

ℹ️

Note

To uninstall the agent, you must use the shell script with the same version and build number that you used to install it. For example, on a Linux computer running glibc, change directories to the location of AD Bridge and then run the following command as root, replacing the name of the script with the version you installed:

./adbridge-##.#.#.###.linux.x86_64.rpm.sh uninstall

For information about the script's options and commands, execute the following command:

./adbridge-##.#.#.###.linux.x86_64.rpm.sh help

Use a command to uninstall

To uninstall AD Bridge by using a command, run the following command:

/opt/pbis/bin/uninstall.sh uninstall

ℹ️

Note

Using the command to uninstall, as above, leaves the AD Bridge configuration files in place on the operating system (OS).

To completely remove all files related to AD Bridge from your computer, run the command as follows instead. If using this command and option, you do not need to leave the domain before uninstalling.

/opt/pbis/bin/uninstall.sh purge

Uninstall the console on a Windows computer

To uninstall AD Bridge on a Windows computer:

  1. Open the Control Panel.
  2. Under Programs, click Uninstall a program.
  3. Select the BeyondTrustAD Bridge Enterprise.
  4. At the top of the list, click Uninstall (or right-click and select Uninstall) and follow the directions on the screen.

ℹ️

Note

This will not remove any Default or Named cells that are created.

Updated about 1 month ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.