P
Philip
Help
I used to have 2 win2k DC's. One of them got stolen. How
do I remove it from AD?
Thanks
I used to have 2 win2k DC's. One of them got stolen. How
do I remove it from AD?
Thanks
C
Chriss3
Hi Philip.
See the KB below:
HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
Controller Demotion:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;216498
See the KB below:
HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
Controller Demotion:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;216498
P
Philip
Thank you Chris for your help!
C
Chriss3
I'm glad I can help, have a nice day!
J
Jimmy Andersson [MVP]
You can use Ldp to delete it, make sure you also delete all references to
it.
Regards,
/Jimmy
it.
Regards,
/Jimmy
M
Mike Leone
I have to remove a server that is *not* in the site. Consequently, these
directions aren't working for me, since I can never choose the server to be
deleted.
The server in question is an old NT4 BDC, that has physically been removed.
My "Sites" only lists my 2 Win2K servers, that are DCs (i.e., have had
DCPromo run on them). Obviously, this old NT server could not have had
DCPromo run on it.
So how can I remoe it? Just deleting it in "AD Users and Computers" gives a
"DSA Object can not be deleted" error, and the fix for that error message,
is supposed to be the KB article you quote below. :-(
directions aren't working for me, since I can never choose the server to be
deleted.
The server in question is an old NT4 BDC, that has physically been removed.
My "Sites" only lists my 2 Win2K servers, that are DCs (i.e., have had
DCPromo run on them). Obviously, this old NT server could not have had
DCPromo run on it.
So how can I remoe it? Just deleting it in "AD Users and Computers" gives a
"DSA Object can not be deleted" error, and the fix for that error message,
is supposed to be the KB article you quote below. :-(
S
Santhosh Sivarajan
Have you tired the proceedure according to the KB article? You have to do a
metadata clean up!
metadata clean up!
M
Mike Leone
What is "Ldp"? Do you mean LDAP? If so, how? isn't it dangerous to change AD
that way (i.e., not using the MS-specific tools)?
that way (i.e., not using the MS-specific tools)?
J
Jimmy Andersson [MVP]
Ldp is a tool from MS.
http://support.microsoft.com/default.aspx?scid=kb;en-us;224543
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
http://support.microsoft.com/default.aspx?scid=kb;en-us;224543
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
M
Mike Leone
As I said - I have tried this procedure. I can not do a metadata cleanup in
the way the directions say, because the directions tell me to choose the
server to be deleted from a list. And the server to be deleted is not on the
list, and so I can't tell it what to delete and cleanup.
the way the directions say, because the directions tell me to choose the
server to be deleted from a list. And the server to be deleted is not on the
list, and so I can't tell it what to delete and cleanup.
J
Jimmy Andersson [MVP]
Take a look at these KBs, they might help:
Domain Controller Server Object Not Removed After Demotion:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q216364
Error Deleting a Domain Controller Account in Active Directory Users and
Computers:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q247393
Regards,
/Jimmy
Domain Controller Server Object Not Removed After Demotion:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q216364
Error Deleting a Domain Controller Account in Active Directory Users and
Computers:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q247393
Regards,
/Jimmy
M
Mike Leone
Jimmy Andersson said:
Thanks. This says ...
1.. "Double-click the Sites branch to expand it, and then double-click the
appropriate site's branch (the site the server resides in) to expand it.
2.. Double-click the server's container, right-click the server object,
and then click Delete."
The BDC server to be deleted is not in Sites and Services, and so can not be
chosen for deletion.
Thanks. This says "To resolve this issue, delete the Domain Controller's
server object from Active Directory Sites and Services Management Console".
The BDC server to be deleted is not in Sites and Services, and so can not be
chosen for deletion.
This is an old NT BDC we're talking about. I am not demoting it to a member
server, nor using DCPromo (which only works on Win2K). I just want the
antique thing gone from my AD, since I don't need it anymore ....
At this point, I guess I should be asking ... how do I add an NT BDC to my
Sites and Services, so that I can then use one of these innumerable deletion
methods that all seem to depend upon membership in Sites and Services?
J
Jimmy Andersson [MVP]
Ok, I can't find the whole thread for some reason and this might have been
covered already, but have you tried to delete it with Ldp?
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
covered already, but have you tried to delete it with Ldp?
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
M
Mike Leone
It's been mentioned, and I do have the tool, but I have no list of specific
steps to take, and I am very leery of just deleting things without an
explicit list of steps. I do not want to irretreivably break my AD, by just
guessing at what do to, especially with such a tool as this.
steps to take, and I am very leery of just deleting things without an
explicit list of steps. I do not want to irretreivably break my AD, by just
guessing at what do to, especially with such a tool as this.
J
Jimmy Andersson [MVP]
Totally understand that, Ldp is powerful and I love it! 
It's kind of hard to write a step-by-step since I don't know anything about
your environment.
Do you feel comfortable working with ADSIEdit? Try to browse the NCs and
find references to your old BDC.
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
It's kind of hard to write a step-by-step since I don't know anything about
your environment.
Do you feel comfortable working with ADSIEdit? Try to browse the NCs and
find references to your old BDC.
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
M
Mike Leone
Never used ADSIEdit, either. :-( I can find the server to be deleted under
the Domain NC/my DC info/OU=Domain Controllers.
I can hilight it. There are no objects listed under it, or in it - right
pane is blank. Do you suggest that I just choose "DELETE" at this point?
the Domain NC/my DC info/OU=Domain Controllers.
I can hilight it. There are no objects listed under it, or in it - right
pane is blank. Do you suggest that I just choose "DELETE" at this point?
J
Jimmy Andersson [MVP]
I would.
Be sure to also clean-up your DNS references for this object as well.
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
Be sure to also clean-up your DNS references for this object as well.
Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
Mike Leone said: