I’m currently working from home and managed to get myself locked out of a PC (Long story involving Bitlocker). Only way out from this was to re-install Windows and then rejoin to the domain.
Re-install is easy as I have WDS configured on my home network. Re-joining the domain is easy, I could either do an offline domain join with Direct Access policies embedded, or just connect the FortiGate VPN and join the domain and run gpupdate. I went with the latter as it seemed like it’d be the easier option. As I’d used WDS, the PC was now part of my home network domain, so I removed it from the domain, renamed and rebooted. I then went and connected it to the work domain and ran gpupdate, all fine, and restarted the PC. That’s when it got weird.