Delete a DC account:'DSA object cannot be deleted'

M

Marlon

One of my Win2000 DCGC crashed.
Since I already have Win2003 DC's introduced in my AD domain, I want to
install Win2003 on such hardware instead.

I ran ntdsutil and I did a metdata cleanup and removed such computer account
from AD. Under AD Sites and services, I deleted the object name from there.

Now I go to AD Users & Computers and I attempt to delete the "DC-server3"
from AD, so that I can join the new Win2003 server under the same name.
When I hit "delete", I get the message
"DSA Object cannot be deleted"
How can I get rid of such computer account from AD ?
 
J

Joe Richards [MVP]

The old Windows 2000 GUI is protecting you. In the new GUI you get multiple
choices as to what to do.

You have a couple of options.

1. Use ADSIEDIT to delete the object.
2. Use admod to delete the object.

The admod command would be

admod -b "cn=dcname,ou=domain controllers,dc=domain,dc=com" -rm

With ADSIEDIT you would browse down to the object.

You can get admod here -> http://www.joeware.net/win/free/tools/admod.htm
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

removing failed DC from domain without turning on.?? 3
failed DC - DSA object cannot be deleted after metadata cleanup 1
dsa object cannot be deleted 1
The DSA object cannot be deleted. 2
error raise domain function from win2000 to win2003 0
DSA object could not be deleted 2
how to remove nt4 pdc from Win2000 AD? 2
DSA errors 6

Top