Remove stolen domain controller

Rolf

One of the domain controllers has been stolen.
How can I remove the name from Active Directory Users and Computers?
When I try to delete the server, I am informed that this cannot be done.

Rolf
 
Cary Shultz [A.D. MVP]

Rolf,

You would need to use both NTDSUTIL and ADSIEdit to do this on a remaining
DC. Take a look at the following MSKB Article:

http://support.microsoft.com/?id=216498

You will need to install the Support Tools in order to make use of ADSIEdit.
The Support Tools can be found on the WIN2000 Server CD as well as on the
WIN2000 Service Pack CD in the Support | Tools folder.

HTH,

Cary
 
Herb Martin

Cary gave you the methods -- NTDSUtil is the normal way.

Consider this too: CHANGE ALL PASSWORDS.

If I own your AD, I can bust your passwords. It's not even
hard in 99% of the cases.
 
Herb Martin

Cary Shultz said:
Great point, Herb. It would not take that long at all!

In most configurations 12 seconds per account. Really,
I have seen it done.

And the key here is that they would have the SOURCE password,
not just the hash or just access to the one server.

With those source passwords they could even access EFS
encrypted files.
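
To check that the password change advised in this thread reached every account, the following added example (not part of the original posts) parses an LDIF export of `sAMAccountName` and `pwdLastSet`, for example one produced with ldifde, and lists the accounts whose password predates the theft. The theft date, the domain name and the sample entries are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# Constructed sample: the kind of LDIF an export of user objects would give.
SAMPLE_LDIF = """\
dn: CN=alice,CN=Users,DC=example,DC=com
sAMAccountName: alice
pwdLastSet: 127173888000000000

dn: CN=bob,CN=Users,DC=example,DC=com
sAMAccountName: bob
pwdLastSet: 127252512000000000

dn: CN=krbtgt,CN=Users,DC=example,DC=com
sAMAccountName: krbtgt
pwdLastSet: 127173888000000000

dn: CN=carol,CN=Users,DC=example,DC=com
sAMAccountName: carol
pwdLastSet: 0
"""
STOLEN_AT = datetime(2004, 3, 1, tzinfo=timezone.utc)  # assumed theft date

def filetime_to_dt(ticks):
    """pwdLastSet counts 100 ns intervals since 1601-01-01 UTC."""
    return FILETIME_EPOCH + timedelta(microseconds=int(ticks) // 10)

def parse_ldif(text):
    """Yield one dict per entry; handles plain 'attr: value' lines only."""
    for block in text.replace("\r\n", "\n").strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if ": " in line and not line.startswith(("#", " ")):
                key, value = line.split(": ", 1)
                entry[key.lower()] = value.strip()
        if entry:
            yield entry

def stale_accounts(ldif_text, stolen_at):
    """Names of accounts whose current password predates the theft."""
    stale = []
    for entry in parse_ldif(ldif_text):
        ticks = int(entry.get("pwdlastset", "0"))
        # 0 = "must change at next logon": the old password still works.
        if "samaccountname" in entry and (
                ticks == 0 or filetime_to_dt(ticks) < stolen_at):
            stale.append(entry["samaccountname"])
    return stale

if __name__ == "__main__":
    print(stale_accounts(SAMPLE_LDIF, STOLEN_AT))
```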
 
