Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Procedure for removal of dead DC. 2

Status
Not open for further replies.
DTracy

DTracy

Programmer
Feb 20, 2002
844
US
I have a replication problem and I believe it stems from an old, dead DC that is no longer connected to the LAN. This old DC shows up in the AD Sites and Servers, also in the event logs as an error condition--no connection, etc.

What would be the correct procedure for safely removing that server from the domain?

Thanks and regards,
David.
 
Sort by date Sort by votes
How to remove data in Active Directory after an unsuccessful domain controller demotion


Paul

MCSE 2003

"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein
 
Upvote 0 Downvote
You will find it easier to use the script at the end of my FAQ: faq96-4733

After running the script just remove any DNS entries for the defunct server.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
Thanks for the replies, sorry I didn't get back sooner, I was detained...

Ok, the deal is this server was the one used to upgrade from NT4 last year. It had NT4 installed, then upgraded to W2K, then upgraded to W2k3, and was used as a temporary DC of our domain until it was replicated onto the new server. It was then demoted and the new server was made into the DC. After that it was disconnected and disassembled/stored.

The domain was working fine until a few months ago when we were broken into from the outside through the firewall. After that incident the event logs began showing various errors--security, DNS, and Replication. I've been tracking down the problem through the event logs and I'm sure that they now stem from this old DC, there's mention of that old server name in the error messages.

I can't reconnect the old DC. Does the same procedure apply for a non-existent server?

Thanks,
David
 
Upvote 0 Downvote
Hi all,

I couldn't get that ntdsutil program to help me at all. It simply would not recognise that old server. So, I manually deleted all references that I could find in the AD, DNS, and DHCP to that old server. The LAN is still up (Thank You Jesus!) I'll tackle the security errors one at a time.

Thanks to all for the suggestions and help, it is greatly appreciated.

Best regards,
David.
 
Upvote 0 Downvote
David, the script in my FAQ will do the job. You will probably still get replication errors in your event logs unless you clean up the metabase.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
Hi Mark,

I ran that script on both the DC and the BDC looking for that dead server. The response from both servers was "The domain controller you entered was not found in the active directory."

So, I went about the manual deletion process.

Thanks,
David.
 
Upvote 0 Downvote
You mention a BDC, are you still in a mixed 2003/NT environment?

In 2000 and 2003 there are no BDCs, all servers are peer DCs.

Anyway, it sounds like you got rid of all references to the old server.

As a final check I would run NETDOM QUERY DC.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
That's a nice faq Mark and a nice script, I hadn't seen that faq before. Wish I had instead of using ntdsutil like some kind moron over the years. :->

Paul



"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein
 
Upvote 0 Downvote
Mark,

Sorry about the BDC thing, a slip from the old vocabulary.

Thanks for your help on this problem, now for the security things.

Best regards,
David.

P.S. Do you live in Gilbert? My sister lives there, and my daughter lives in Chandler.
 
Upvote 0 Downvote
Yes David, I am in Gilbert AZ. I teach Japanese Swordfighting in Chandler when I am not working on computers. :)

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
575
gbaughma
gbaughma
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
932
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
609
DrB0b
DrB0b
nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
514
mangentle
mangentle
Teo En Ming
  • Locked
  • Question
Actions taken during Disaster Recovery for client whose IBM Megaraid controller has failed
Replies
2
Views
501
fightaccording
fightaccording

Part and Inventory Search

Sponsor

Back
Top