Cut 3864 fix hybrid leave domain (#118)

kmaranionjc · web-flow · commit 6cfd0c0c8f5b · 2024-03-29T13:38:45.000-07:00
* hybrid leave bug fix

* bug fix

* changelog
diff --git a/ModuleChangelog.md b/ModuleChangelog.md
@@ -1,3 +1,12 @@
+## 2.6.7
+
+Release Date: Mar 29, 2024
+
+#### RELEASE NOTES
+
+```
+* Fixes an issue with hybrid unjoin would not leave local domain
+```
 ## 2.6.6
 
 Release Date: Mar 28, 2024
diff --git a/jumpcloud-ADMU/JumpCloud.ADMU.psd1 b/jumpcloud-ADMU/JumpCloud.ADMU.psd1
@@ -12,7 +12,7 @@
     RootModule        = 'JumpCloud.ADMU.psm1'
 
     # Version number of this module.
-    ModuleVersion     = '2.6.6'
+    ModuleVersion     = '2.6.7'
 
 
     # Supported PSEditions
diff --git a/jumpcloud-ADMU/Powershell/Form.ps1 b/jumpcloud-ADMU/Powershell/Form.ps1
@@ -143,7 +143,7 @@ function show-mtpSelection {
 <Window
         xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
         xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
-        Title="JumpCloud ADMU 2.6.6"
+        Title="JumpCloud ADMU 2.6.7"
         WindowStyle="SingleBorderWindow"
         ResizeMode="NoResize"
         Background="White" ScrollViewer.VerticalScrollBarVisibility="Visible" ScrollViewer.HorizontalScrollBarVisibility="Visible" Width="1000" Height="520">
diff --git a/jumpcloud-ADMU/Powershell/Start-Migration.ps1 b/jumpcloud-ADMU/Powershell/Start-Migration.ps1
@@ -1383,7 +1383,7 @@ Function Start-Migration {
     Begin {
         Write-ToLog -Message:('####################################' + (get-date -format "dd-MMM-yyyy HH:mm") + '####################################')
         # Start script
-        $admuVersion = '2.6.6'
+        $admuVersion = '2.6.7'
         Write-ToLog -Message:('Running ADMU: ' + 'v' + $admuVersion)
         Write-ToLog -Message:('Script starting; Log file location: ' + $jcAdmuLogFile)
         Write-ToLog -Message:('Gathering system & profile information')
@@ -2025,10 +2025,10 @@ Function Start-Migration {
                     $AzureADStatus = ($line.trimstart('AzureADJoined : '))
                 }
                 if ($line -match "DomainJoined : ") {
-                    $AzureDomainStatus = ($line.trimstart('DomainJoined : '))
+                    $LocalDomainStatus = ($line.trimstart('DomainJoined : '))
                 }
             }
-            Write-ToLog -Message "DomainJoined Status: $AzureDomainStatus"
+            Write-ToLog -Message "DomainJoined Status: $LocalDomainStatus"
             Write-ToLog "AzureAD Status: $AzureADStatus"
             if ($AzureADStatus -eq 'YES' -or $netBiosName -match 'AzureAD') {
 
@@ -2094,11 +2094,11 @@ Function Start-Migration {
             #endregion AutobindUserToJCSystem
 
             #region Leave Domain or AzureAD
-
+            $WmiComputerSystem = Get-WmiObject -Class:('Win32_ComputerSystem')
             if ($LeaveDomain -eq $true) {
-                if ($AzureADStatus -match 'YES' -or $AzureDomainStatus -match 'YES') {
+                if ($AzureADStatus -match 'YES' -or $LocalDomainStatus -match 'YES') {
                         try {
-                            if ($AzureDomainStatus -match 'NO') {
+                            if ($LocalDomainStatus -match 'NO') {
                                 dsregcmd.exe /leave # Leave Azure AD
                             } else {
                                 Remove-Computer -force #Leave local AD or Hybrid
@@ -2112,19 +2112,54 @@ Function Start-Migration {
                             if ($line -match "AzureADJoined : ") {
                                 $AzureADStatus = ($line.trimstart('AzureADJoined : '))
                             }
-                            if ($line -match "EnterpriseJoined : ") {
-                                $AzureEnterpriseStatus = ($line.trimstart('EnterpriseJoined : '))
-                            }
                             if ($line -match "DomainJoined : ") {
-                                $AzureDomainStatus = ($line.trimstart('DomainJoined : '))
+                                $LocalDomainStatus = ($line.trimstart('DomainJoined : '))
                             }
                         }
                         # Check Azure AD status after running dsregcmd.exe /leave as NTAUTHORITY\SYSTEM
                         if ($AzureADStatus -match 'NO') {
-                            Write-toLog -message "Left Azure AD domain successfully`nDevice Domain State`nAzureADJoined : $AzureADStatus`nEnterpriseJoined : $AzureEnterpriseStatus`nDomainJoined : $AzureDomainStatus"
+                            Write-toLog -message "Left Azure AD domain successfully. Device Domain State, AzureADJoined : $AzureADStatus"
                             $admuTracker.leaveDomain.pass = $true
                         } else {
-                            Write-ToLog -Message:('Unable to leave domain, JumpCloud agent will not start until resolved') -Level:('Warn')
+                            Write-ToLog -Message:('Unable to leave Azure Domain. Re-running dsregcmd.exe /leave') -Level:('Warn')
+                            dsregcmd.exe /leave # Leave Azure AD
+
+                            $ADStatus = dsregcmd.exe /status
+                            foreach ($line in $ADStatus) {
+                                if ($line -match "AzureADJoined : ") {
+                                    $AzureADStatus = ($line.trimstart('AzureADJoined : '))
+                                }
+                            }
+                            if ($AzureADStatus -match 'NO') {
+                                Write-ToLog -Message:('Left Azure AD domain successfully') -Level:('Info')
+                                $admuTracker.leaveDomain.pass = $true
+                            } else {
+                                Write-ToLog -Message:('Unable to leave Azure AD domain') -Level:('Warn')
+                                $admuTracker.leaveDomain.fail = $true
+                            }
+
+                        }
+
+                        if ($LocalDomainStatus -match 'NO') {
+                            Write-toLog -message "Local Domain State, Local Domain Joined : $LocalDomainStatus"
+                            $admuTracker.leaveDomain.pass = $true
+                        } else {
+                            Write-ToLog -Message:('Unable to leave local domain using remove-computer...Running UnJoinDomainOrWorkGroup') -Level:('Warn')
+                            $WmiComputerSystem.UnJoinDomainOrWorkGroup($null, $null, 0)
+
+                            $ADStatus = dsregcmd.exe /status
+                            foreach ($line in $ADStatus) {
+                                if ($line -match "DomainJoined : ") {
+                                    $LocalDomainStatus = ($line.trimstart('DomainJoined : '))
+                                }
+                            }
+                            if ($LocalDomainStatus -match 'NO') {
+                                Write-ToLog -Message:('Left local domain successfully') -Level:('Info')
+                                $admuTracker.leaveDomain.pass = $true
+                            } else {
+                                Write-ToLog -Message:('Unable to leave local domain') -Level:('Warn')
+                                $admuTracker.leaveDomain.fail = $true
+                            }
                         }
             }
         }
