Background: Had a small 4 PC office on Server 2012r2 with domain named OLD-DOMAIN. Server was old and wonky and had to restore from full system image backup that was recent (as in a few days old).
PCs ran fine with server disconnect to router as per usual and employees had to deal with local files and USB sticks for the duration.
Had everyone shut down before going live with the restore. First PC to boot and log in threw error that was not the "Trust relationship has been broken" type. It was new to me (with m-a-n-y years experience_ "We cannot sign you with this credential because your domain isn’t available: Make sure your device is connected to your organization’s network and try again."
Shut down, unplugged network cable to boot locally. Unable log in to the user in usual way one can when there's no network. Totally lost the ability to get into the account. (Restored PC from local restore point and could get in as long as no network cable plugged in.
Extremely plain vanilla AD just FYI.
Now have new server and will put Server 2019 on it. How to I move forward? Ideally good time to change domain name to NEW-DOMAIN to reflect company changes and just rejoin those PCs.
How to move forward and why did this happen so I can prevent it ever happening again.
EDIT: To be clear, what happened prevented access to user account on the PC completely - not just related to domain.
