Remove of Domain Controllers

[JR Trent]

I have 2 domain controllers I need to remove from AD - one
which is an NT 4.0 box & one which was W2K but crashed &
was replaced with a different server (with the same IP as
the old one) & is no longer available for dcpromo
demotion. We are in a mixed mode domain & desire to
remove the NT in order to be native mode. The W2K we want
to remove just to be clean & not see these "lovely"
replication errors anymore. I've tried using ntdsutil as
recommended in KB article 216498, but get an error that is
as follows: DsBindWithCredW error 0x6d9(There are no more
endpoints available from the endpoint mapper.) I have
searched everywhere I can think of to no avail to find out
what this error is & how to avoid or work around it. Any
assistance would be much appreciated!

 

[ptwilliams]

Re. the endpoint mapper question:
-- Is the DC that you are trying to bind to behind a firewall??

In order to clean up your domain, you will need to perform the steps listed
in that article. Are you connecting (binding) to the existing DC (not the
missing one)? You need to connect to the existing one to delete the missing
one; you cannot connect to the missing one.

The NT box can simply be powered off and then the computer object deleted
from it's container. I've heard talk of difficulties deleting the account
from dsa.msc. If you have this, you'll need to delete the object by using
ADSIEdit (support tools).


--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


I have 2 domain controllers I need to remove from AD - one
which is an NT 4.0 box & one which was W2K but crashed &
was replaced with a different server (with the same IP as
the old one) & is no longer available for dcpromo
demotion. We are in a mixed mode domain & desire to
remove the NT in order to be native mode. The W2K we want
to remove just to be clean & not see these "lovely"
replication errors anymore. I've tried using ntdsutil as
recommended in KB article 216498, but get an error that is
as follows: DsBindWithCredW error 0x6d9(There are no more
endpoints available from the endpoint mapper.) I have
searched everywhere I can think of to no avail to find out
what this error is & how to avoid or work around it. Any
assistance would be much appreciated!

 

[Cary Shultz [A.D. MVP]]

JR,

Endpoint Mapper issues are usually RPC errors ( IIRC ). Please take a look
at the following MSKB Article:

http://support.microsoft.com/?kbid=839880


HTH,

Cary

 

[Matjaz Ladava [MVP]]

you have to connect to a live DC in order to do a metadata cleanup. no more
enpoints available can also show DNS problems. When exactly do you get this
error ?

--
Regards

Matjaz Ladava
MVP Windows Server - Directory Services
(e-mail address removed), (e-mail address removed)

 

[Cary Shultz [A.D. MVP]]

Paul,

I did take a look at the article ( it has been awhile since I actually
looked at it ) and noticed that it does specify twice that you need to bind
to an existing DC.

Cary

 

[ptwilliams]

Ah, then it must just be the fear factor causing so many people to make this
mistake... ;-)

I'll take your word for it and not bother sending this re-write to MS ;-)


--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


Paul,

I did take a look at the article ( it has been awhile since I actually
looked at it ) and noticed that it does specify twice that you need to bind
to an existing DC.

Cary