Computer Accounts DELETED from Active Directory !!
Over the last couple of months we have had a few computer accounts deleted from AD. I at fist thought this may have been a mistake by one of the team etc. I simply took the workstations off the domain and back on and problem solved.
BUT recently we have had this happen again. Today we had 6 machines disappear from AD. I have checked and they were actually deleted as they are in the CN=Deleted Objects container.
Not too long ago we added 2 additional 2012 DCs (DC3&DC4) to our current 2 x 2003R2 DCs....
When I was happy with the FSMO roles and replication etc I then dcpromo`ed and demoted one of the 2003 DCs. (other still to do)
I have checked replication with dcdiag /V and all is fine on all three servers. I was wondering if anyone else had seem anything like this before? I get Events "The session setup from computer 'LC1-18' failed because the security database does not contain a trust account 'LC1-18$' referenced by the specified computer."
One other possibility is last week we took out several machines from the store to replace identical faulty machines. I simply swapped the working HDD and put it into the old machines. I was careful not to power up the machine with the old HDD in as i know (from experience!) that this then causes the account to be disabled... (but not deleted)
As a third suggestion when i setup the new 2012 DCs i also redid the DNS scavenging.... possibly related?
Has anyone seen anything like this before? Any suggestions in-case this maybe gets any worse?
Thanks in advance!