
DCpromo Fails


i601254

IS-IT--Management
May 23, 2002
Have three Win2k domain controllers. One was added while we fixed another. Now that it is back up and running, I need to remove the spare DC. I ran "dcpromo" but it failed to demote the server. I keep getting an "access denied" message when it tries to remove the server's replication information from the other servers. I am using the domain admin account but it still will not remove. I think we even tried forcing demotion using NTDSUTIL.
 
I had this problem before as well, make sure that the sysvol information is replicating correctly.

Look through the event logs and make sure there are no errors. If there are, post them.

cheers
 
Replication between the remaining DCs is fine. No error messages. Now when I run dcpromo, it seems to be working up until the point it has to change the machine account on one of the other DCs. Here's the error msg:

Operation failed because: The attempt to configure the machine account XYZ-DC$ on server DC1.our.local failed "Access is denied"

"Specify an account with Enterprise Administrative privileges to the forest "our.local".

I enter my user id, password and domain and dcpromo begins attempting to demote the server but continues to fail. I've checked my account and I am a member of the Enterprise Admins and Administrators.
 
I just documented this for work. Here you go...

*******************************************************
This document details steps to be taken to correct replication problems between Domain Controllers and also serves as a point of reference for forcefully removing a DC from the domain.


It is important to identify which DC holds the most recent updates of AD. Check for recently created objects such as users or groups or machine accounts. When removing the DC from the domain, any objects that only exist on this server will be lost.

As a naming convention this document will refer to ServerGood and ServerBad where ServerGood is the DC that will remain in the domain and ServerBad is the DC to be removed.

1. Identify the bad server (ServerBad)
2. On ServerBad stop the NTFRS service and KDC Service.
3. On ServerBad run KerbTray resource kit utility and delete the Kerberos Certificates.
4. On ServerGood, run Netdom Query FSMO and check for FSMO ownership. Attempt to transfer all roles to ServerGood using AD Users and Computers
5. If you are unable to transfer roles, seize all 5 FSMO roles.
Note Only seize the FSMO roles to the remaining Active Directory domain controllers if you are removing the FSMO role holder from the domain or forest.

   To seize or transfer the FSMO roles by using Ntdsutil, follow these steps:
   1. On any domain controller, click Start, click Run, type ntdsutil in the Open box, and then click OK.
      Note Microsoft recommends that you use the domain controller that is taking the FSMO roles.
   2. Type roles, and then press ENTER.
      To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.
   3. Type connections, and then press ENTER.
   4. Type connect to server servername, where servername is the name of the server you want to use, and then press ENTER.
   5. At the server connections: prompt, type q, and then press ENTER again.
   6. Type seize role, where role is the role you want to seize. For a list of roles that you can seize, type ? at the Fsmo maintenance: prompt, and then press ENTER, or consult the list of roles at the beginning of this article. For example, to seize the RID Master role, you would type seize rid master. The one exception is for the PDC Emulator role, whose syntax would be "seize pdc" and not "seize pdc emulator".
      Note All five roles need to be in the forest. If the first domain controller is out of the forest then seize all roles. Determine which roles are to be on which remaining domain controllers so that all five roles are not on only one server.
      Microsoft recommends that you only seize all roles when the other domain controller is not returning to the domain, otherwise fix the broken domain controller with the roles.
      Note If the domain controller that formerly held any FSMO role is not present in the domain and if it has had its roles seized by the earlier steps in this article, remove it from the Active Directory by following the procedure outlined in Microsoft Knowledge Base article 216498, HOW TO: Remove Data in Active Directory After an Unsuccessful Domain Controller Demotion.
      If the original domain controller with the FSMO roles is still online, transfer the roles. Type transfer role.
   7. After you seize or transfer the roles, type q, and then press ENTER until you quit the Ntdsutil tool.
      Note Do not put the Infrastructure Master role on the same domain controller as the global catalog.

   To check if a domain controller is also a global catalog server:
   1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
   2. Double-click Sites in the left pane, and then browse to the appropriate site or click Default-first-site-name if no other sites are available.
   3. Open the Servers folder, and then click the domain controller.
   4. In the domain controller's folder, double-click NTDS Settings.
   5. On the Action menu, click Properties.
   6. On the General tab, locate the Global Catalog check box to see if it is selected.
6. Reboot ServerBad and verify that you can successfully log in under Active Directory Restore Mode.
7. On ServerBad run DCPROMO /FORCEREMOVAL
Refer to MSKB 332199 for additional details if needed.
8. ServerBad should now be in a workgroup.
9. On ServerGood, execute the MetaCleaner.vbs script and select the ServerBad computer name to delete it from the metabase.
Note: if MetaCleaner.vbs is unavailable you can follow MSKB 216498.
10. Launch the MMC and add the ADSIEdit snap-in.
   Remove ServerBad from everything:
   Now that the NTDS Settings object has been deleted, you can delete the computer account, the FRS member object, the cname (or Alias) record in the _msdcs container, the A (or Host) record in DNS, the trustDomain object for a deleted child domain, and the domain controller.
   1. Use ADSIEdit to delete the computer account. To do this, follow these steps:
      a. Start ADSIEdit.
      b. Expand the Domain NC container.
      c. Expand DC=Your Domain, DC=COM, PRI, LOCAL, NET.
      d. Expand OU=Domain Controllers.
      e. Right-click CN=domain controller name, and then click Delete.
      Note: you may need to expand the object and manually delete child objects to delete the computer account if you receive a message that you have insufficient rights to delete the computer account.
      If you receive the "DSA object cannot be deleted" error when you try to delete the object, change the UserAccountControl value. To change the UserAccountControl value, right-click the domain controller in ADSIEdit, and then click Properties. Under Select a property to view, click UserAccountControl. Click Clear, change the value to 4096, and then click Set. You can now delete the object.
      Note The FRS subscriber object is deleted when the computer object is deleted because it is a child of the computer account.
   2. Use ADSIEdit to delete the FRS member object. To do this, follow these steps:
      a. Start ADSIEdit.
      b. Expand the Domain NC container.
      c. Expand DC=Your Domain, DC=COM, PRI, LOCAL, NET.
      d. Expand CN=System.
      e. Expand CN=File Replication Service.
      f. Expand CN=Domain System Volume (SYSVOL share).
      g. Right-click the domain controller you are removing, and then click Delete.
   3. In the DNS console, use the DNS MMC to delete the A record in DNS. The A record is also known as the Host record. To delete the A record, right-click the A record, and then click Delete. Also delete the cname (also known as the Alias) record in the _msdcs container. To do so, expand the _msdcs container, right-click the cname, and then click Delete.
      Important If this was a DNS server, remove the reference to this DC under the Name Servers tab. To do this, in the DNS console, click the domain name under Forward Lookup Zones, and then remove this server from the Name Servers tab.
      Note If you have reverse lookup zones, also remove the server from these zones.
   4. If the deleted computer was the last domain controller in a child domain and the child domain was also deleted, use ADSIEdit to delete the trustDomain object for the child. To do this, follow these steps:
      a. Start ADSIEdit.
      b. Expand the Domain NC container.
      c. Expand DC=Your Domain, DC=COM, PRI, LOCAL, NET.
      d. Expand CN=System.
      e. Right-click the Trust Domain object, and then click Delete.
   5. Use Active Directory Sites and Services to remove the domain controller. To do this, follow these steps:
      a. Start Active Directory Sites and Services.
      b. Expand Sites.
      c. Expand the server's site. The default site is Default-First-Site-Name.
      d. Expand Servers.
      e. Right-click the domain controller, and then click Delete.
11. Remove all references to ServerBad in DNS forward and reverse lookup zones.
12. Verify that ServerBad does not exist in AD Users and Computers.
13. It is now safe to have ServerBad rejoin the domain and use DCPROMO to make it a DC again if needed.
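As an added example that is not part of this post or of the Microsoft article it quotes, the following PowerShell script does the read-only part of steps 4 to 7 above: it lists the five FSMO role holders, flags any held by the DC about to be removed, and warns when the Infrastructure Master sits on a global catalog while other DCs are not GCs. It assumes the ActiveDirectory RSAT module (which postdates the Windows 2000 tools in the steps above); $ServerBad is a placeholder for the host name of the DC being removed.

```powershell
# Added example, not from the thread. Read-only: transferring or seizing
# roles is still done with AD Users and Computers or ntdsutil as described.
$ServerBad = 'SERVERBAD'   # placeholder: host name of the DC being removed

Import-Module ActiveDirectory -ErrorAction Stop

$forest = Get-ADForest
$domain = Get-ADDomain

# The two forest-wide roles come from Get-ADForest, the three domain-wide
# roles from Get-ADDomain; all are reported as host FQDNs.
$roles = [ordered]@{
    'Schema Master'         = $forest.SchemaMaster
    'Domain Naming Master'  = $forest.DomainNamingMaster
    'PDC Emulator'          = $domain.PDCEmulator
    'RID Master'            = $domain.RIDMaster
    'Infrastructure Master' = $domain.InfrastructureMaster
}

$mustMove = @()
foreach ($role in $roles.GetEnumerator()) {
    $holderHost = ($role.Value -split '\.')[0]
    $note = ''
    if ($holderHost -ieq $ServerBad) {
        $note = '   <-- held by the DC being removed'
        $mustMove += $role.Key
    }
    '{0,-22} {1}{2}' -f $role.Key, $role.Value, $note
}

if ($mustMove.Count -gt 0) {
    Write-Warning ("Transfer (or, if {0} is unrecoverable, seize) these roles before removing it: {1}" -f $ServerBad, ($mustMove -join ', '))
} else {
    "No FSMO roles are held by $ServerBad."
}

# Global catalog placement (the note under step 7): the Infrastructure Master
# should not be on a GC unless every DC in the domain is a GC.
$dcs = @(Get-ADDomainController -Filter *)
$gcs = @($dcs | Where-Object { $_.IsGlobalCatalog })
$dcs | Select-Object Name, HostName, Site, IsGlobalCatalog | Format-Table -AutoSize

$imIsGc = $gcs.HostName -contains $domain.InfrastructureMaster
if ($imIsGc -and $gcs.Count -lt $dcs.Count) {
    Write-Warning ("Infrastructure Master {0} is a global catalog but {1} of {2} DCs are not; move the role to a non-GC DC." -f $domain.InfrastructureMaster, ($dcs.Count - $gcs.Count), $dcs.Count)
}
```

Run it on ServerGood before step 5; the same output, compared with netdom query fsmo, is also a quick way to confirm that a seizure actually took effect on every remaining DC.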

' ==========================================================
' GUI Metadata Cleanup Utility
' Written By Clay Perrine - clayp@microsoft.com
' Version 2.1
' ==========================================================
' Removes the leftover Active Directory objects for a domain controller that
' was not demoted cleanly: the replication connection objects on the other
' DCs that reference it, its FRS SYSVOL member object, its computer account
' and its server object (with the NTDS Settings child) in the Sites container.
' Run on a healthy DC as an enterprise administrator. ADSI errors are
' suppressed by On Error Resume Next, so every GetObject is checked explicitly.

On Error Resume Next
Dim objRoot, sDomainNC, sConfigNC, sPath, outval, oDCSelect, objConfiguration, objContainer
Dim errval, ckdcPath, myObj, abort, sitePath, siteval, SYSVOLPath, SYSVOLval
Dim SiteList, SiteConfiguration, SiteContainer, Sitevar, DCConfiguration, DomContainer, DCVar
Dim NTDSPATH, GuidPath, exists, oGuidGet, oGuid, oGuidPath, objSitelink, strFromServer
Dim ispresent, objReplLinkVal, AccountObject, objFRSSysvol, objComputer, objConfig, msgval

Set objRoot = GetObject("LDAP://RootDSE")
sDomainNC = objRoot.Get("defaultNamingContext")
' The posted version built configuration paths from the domain naming context,
' which is only correct in the forest root domain; configurationNamingContext
' is correct in any domain of the forest.
sConfigNC = objRoot.Get("configurationNamingContext")

' Build the pick list from the Domain Controllers OU
sPath = "LDAP://OU=Domain Controllers," & sDomainNC
Set objConfiguration = GetObject(sPath)
For Each objContainer In objConfiguration
    outval = outval & vbTab & objContainer.Name & vbCrLf
Next
outval = Replace(outval, "CN=", "")
oDCSelect = InputBox(outval, "Type the Name of the Problem Domain Controller", "")
If Len(oDCSelect) = 0 Then WScript.Quit

' Confirm that a computer account with that name exists in the OU
ckdcPath = "LDAP://CN=" & oDCSelect & ",OU=Domain Controllers," & sDomainNC
Err.Clear
Set myObj = GetObject(ckdcPath)
If Err.Number <> 0 Then errval = 1

If errval = 1 Then
    MsgBox "The Domain Controller you entered was not found in the Active Directory", , "Metadata Cleanup Utility Error."
    WScript.Quit
End If

' 4404 = vbSystemModal + vbDefaultButton2 + vbExclamation + vbYesNo; 6 = vbYes
abort = MsgBox("You are about to remove all metadata for the server " & oDCSelect & "! Are you sure?", 4404, "WARNING!!")
If abort <> 6 Then
    MsgBox "Metadata Cleanup Aborted.", , "Metadata Cleanup Utility Error."
    WScript.Quit
End If

oDCSelect = "CN=" & oDCSelect

' Find the server object in whichever site contains it
Set objConfiguration = GetObject("LDAP://CN=Sites," & sConfigNC)
For Each objContainer In objConfiguration
    Err.Clear
    sitePath = "LDAP://" & oDCSelect & ",CN=Servers," & objContainer.Name & ",CN=Sites," & sConfigNC
    Set myObj = GetObject(sitePath)
    If Err.Number = 0 Then siteval = sitePath
Next

' Find the FRS member object under the SYSVOL replica set
SYSVOLPath = "LDAP://" & oDCSelect & ",CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System," & sDomainNC
Err.Clear
Set myObj = GetObject(SYSVOLPath)
If Err.Number = 0 Then SYSVOLval = SYSVOLPath

' Walk every site and every DC's NTDS Settings container and delete the
' replication connection objects whose fromServer points at the bad DC
SiteList = "CN=Sites," & sConfigNC
Set SiteConfiguration = GetObject("LDAP://" & SiteList)
For Each SiteContainer In SiteConfiguration
    Sitevar = SiteContainer.Name
    Set DCConfiguration = GetObject("LDAP://OU=Domain Controllers," & sDomainNC)
    For Each DomContainer In DCConfiguration
        DCVar = DomContainer.Name
        NTDSPATH = DCVar & ",CN=Servers," & Sitevar & "," & SiteList
        GuidPath = "LDAP://CN=NTDS Settings," & NTDSPATH
        ' Only DCs that have a server object in this site are examined
        Err.Clear
        Set exists = GetObject("LDAP://" & NTDSPATH)
        If Err.Number = 0 Then
            Set oGuidGet = GetObject(GuidPath)
            For Each objContainer In oGuidGet
                oGuid = objContainer.Name
                oGuidPath = "LDAP://" & oGuid & ",CN=NTDS Settings," & NTDSPATH
                Set objSitelink = GetObject(oGuidPath)
                objSitelink.GetInfo
                strFromServer = objSitelink.Get("fromServer")
                ' Match the whole RDN followed by ",CN=Servers," so that a server
                ' named DC1 does not also match DC10
                ispresent = InStr(1, strFromServer, oDCSelect & ",CN=Servers,", vbTextCompare)
                If ispresent <> 0 Then
                    Set objReplLinkVal = GetObject(oGuidPath)
                    objReplLinkVal.DeleteObject(0)
                End If
            Next
        End If
    Next
Next

' Clear the DC flags on the computer account so it can be deleted
' (4096 = ADS_UF_WORKSTATION_TRUST_ACCOUNT), then delete the FRS member,
' the computer account and the server object with its NTDS Settings child
Set AccountObject = GetObject(ckdcPath)
AccountObject.Put "userAccountControl", 4096
AccountObject.SetInfo

If Len(SYSVOLval) > 0 Then
    Set objFRSSysvol = GetObject(SYSVOLval)
    objFRSSysvol.DeleteObject(0)
End If
Set objComputer = GetObject(ckdcPath)
objComputer.DeleteObject(0)
If Len(siteval) > 0 Then
    Set objConfig = GetObject(siteval)
    objConfig.DeleteObject(0)
End If

oDCSelect = Replace(oDCSelect, "CN=", "")
msgval = "Metadata Cleanup Completed for " & oDCSelect
MsgBox msgval, , "Notice."
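As an added example that is neither part of this post nor of the script above, the following read-only PowerShell audit covers steps 11 and 12 of the procedure and doubles as a check of what the cleanup left behind: it searches AD for the computer account, the FRS member object, the server object and any replication connection that still pulls from the removed DC, and searches DNS for its A, CNAME (_msdcs) and NS entries. It assumes the ActiveDirectory RSAT module and, for the DNS part, the DnsServer module; $ServerBad and $DnsServer are placeholders.

```powershell
# Added example, not from the thread. Read-only: it reports, it does not delete.
$ServerBad = 'SERVERBAD'   # placeholder: host name of the removed DC
$DnsServer = $null         # placeholder: DNS server to query; $null = the PDC emulator

Import-Module ActiveDirectory -ErrorAction Stop

$domain   = Get-ADDomain
$rootDse  = Get-ADRootDSE
$domainNc = $rootDse.defaultNamingContext
$configNc = $rootDse.configurationNamingContext   # correct even in a child domain
if (-not $DnsServer) { $DnsServer = $domain.PDCEmulator }

$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding([string]$Kind, [string]$Where) {
    $findings.Add([pscustomobject]@{ Kind = $Kind; Reference = $Where })
}

# 1. Computer account in the Domain Controllers OU
Get-ADObject -LDAPFilter "(&(objectClass=computer)(cn=$ServerBad))" -SearchBase "OU=Domain Controllers,$domainNc" |
    ForEach-Object { Add-Finding 'Computer account' $_.DistinguishedName }

# 2. FRS member object under the SYSVOL replica set
Get-ADObject -LDAPFilter "(&(objectClass=nTFRSMember)(cn=$ServerBad))" -SearchBase "CN=File Replication Service,CN=System,$domainNc" |
    ForEach-Object { Add-Finding 'FRS member object' $_.DistinguishedName }

# 3. Server object (and its NTDS Settings child) in the Sites container
Get-ADObject -LDAPFilter "(&(objectClass=server)(cn=$ServerBad))" -SearchBase "CN=Sites,$configNc" |
    ForEach-Object { Add-Finding 'Site server object' $_.DistinguishedName }

# 4. Replication connections on the remaining DCs that still pull from it.
#    fromServer is DN-valued, so an LDAP substring filter cannot match it;
#    fetch every connection and match client-side on the full RDN.
Get-ADObject -LDAPFilter '(objectClass=nTDSConnection)' -SearchBase "CN=Sites,$configNc" -Properties fromServer |
    Where-Object { $_.fromServer -like "CN=NTDS Settings,CN=$ServerBad,CN=Servers,*" } |
    ForEach-Object { Add-Finding 'Replication connection' $_.DistinguishedName }

# 5. DNS: A records, CNAME aliases under _msdcs and NS entries. The _msdcs data
#    may be its own zone or live inside the domain zone, so both are tried.
if (Get-Module -ListAvailable -Name DnsServer) {
    Import-Module DnsServer
    $zones = @($domain.DNSRoot, "_msdcs.$($domain.DNSRoot)")
    foreach ($zone in $zones) {
        $records = @(Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone -ErrorAction SilentlyContinue)
        foreach ($rr in $records) {
            switch ($rr.RecordType) {
                'A'     { if ($rr.HostName -ieq $ServerBad) { Add-Finding 'DNS A record' "$($rr.HostName).$zone" } }
                'CNAME' { if ($rr.RecordData.HostNameAlias -like "$ServerBad.*") { Add-Finding 'DNS CNAME (_msdcs)' "$($rr.HostName).$zone -> $($rr.RecordData.HostNameAlias)" } }
                'NS'    { if ($rr.RecordData.NameServer -like "$ServerBad.*") { Add-Finding 'DNS NS record' "$($rr.HostName).$zone NS $($rr.RecordData.NameServer)" } }
            }
        }
    }
} else {
    Write-Warning 'DnsServer module not available; check A, CNAME and NS entries in the DNS console manually.'
}

if ($findings.Count -eq 0) {
    "No remaining references to $ServerBad were found in AD or DNS."
} else {
    $findings | Format-Table -AutoSize
}
```

Reverse lookup zones are not covered; add them to $zones if the domain has any. A leftover replication connection or NS entry is the usual reason a "removed" DC keeps appearing in event log replication errors, so an empty report here is the condition to reach before letting the machine rejoin the domain in step 13.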
 
If you want to pull the DC out of the metabase that way, it will work, but there still might be a problem if you have more than two right now. Try running repadmin /syncall from the DCs and see if it comes up with any errors, or have you tried this already?
 