Getting rid of old DC references

[Guest]

for reference:
FS1 = old original DC that is now demoted to just a domain member
FS2 = second DC that was introduced. came online to partner with FS1
FS3 = newer DC that replaced the aging FS1. Was promoted after FS1 was
demoted

In the DS event viewer on FS2, NTDS Replication is complaining about a
replication that failed. DCDIAG on FS2 says that a recent replication has
failed and the last success was on 12/10/2004 which about when I demoted FS1.
REPADMIN on FS2 says that one of the inbound neighbors is FS1 (deleted DSA)
via RPC. ADS Sites and Services just lists the two current DC's (FS2 and
FS3) so I am not sure where to go to get rid of the references of FS1. FS3
is also listing FS1 as an inbound neighbor (deleted DSA) as well. Thoughts?
Thanks!

 

[Herb Martin]

for reference:
FS1 = old original DC that is now demoted to just a domain member
FS2 = second DC that was introduced. came online to partner with FS1
FS3 = newer DC that replaced the aging FS1. Was promoted after FS1 was
demoted

In the DS event viewer on FS2, NTDS Replication is complaining about a
replication that failed. DCDIAG on FS2 says that a recent replication has
failed and the last success was on 12/10/2004 which about when I demoted FS1.
REPADMIN on FS2 says that one of the inbound neighbors is FS1 (deleted DSA)
via RPC. ADS Sites and Services just lists the two current DC's (FS2 and
FS3) so I am not sure where to go to get rid of the references of FS1. FS3
is also listing FS1 as an inbound neighbor (deleted DSA) as well. Thoughts?
Thanks!

The DC was not properly removed from the domain
(while online and connected to the others so it could
be removed automatically.)

The tool to use is NTDSUtil, the area called "Metadata
Cleanup".

It is not difficult but the process is tedious and described
in MS KB articles and elsewhere so....

Google:

[ ntdsutil "metadata cleanup" remove DC domain ]

or

[ ntdsutil "metadata cleanup" remove DC domain site:microsoft.com]

The latter will restrict you search to JUST the MS site.
[/QUOTE]

 

[Guest]

Thanks for the link Herb.

When in ntdsutil, when I get to the part to "list servers in site" it only
shows FS2 and FS3... which is correct. No reference to FS1.

I don't know what happened to get this screwed up. FS1 demoted just fine,
nice and clean, and I was able to remove it from the sites list. I don't
know how it continues to get referenced.

Kevin

for reference:
FS1 = old original DC that is now demoted to just a domain member
FS2 = second DC that was introduced. came online to partner with FS1
FS3 = newer DC that replaced the aging FS1. Was promoted after FS1 was
demoted

In the DS event viewer on FS2, NTDS Replication is complaining about a
replication that failed. DCDIAG on FS2 says that a recent replication has
failed and the last success was on 12/10/2004 which about when I demoted FS1.
REPADMIN on FS2 says that one of the inbound neighbors is FS1 (deleted DSA)
via RPC. ADS Sites and Services just lists the two current DC's (FS2 and
FS3) so I am not sure where to go to get rid of the references of FS1. FS3
is also listing FS1 as an inbound neighbor (deleted DSA) as well. Thoughts?
Thanks!

The DC was not properly removed from the domain
(while online and connected to the others so it could
be removed automatically.)

The tool to use is NTDSUtil, the area called "Metadata
Cleanup".

It is not difficult but the process is tedious and described
in MS KB articles and elsewhere so....

Google:

[ ntdsutil "metadata cleanup" remove DC domain ]

or

[ ntdsutil "metadata cleanup" remove DC domain site:microsoft.com]

The latter will restrict you search to JUST the MS site.

[/QUOTE]

 

[Herb Martin]

Thanks for the link Herb.

When in ntdsutil, when I get to the part to "list servers in site" it only
shows FS2 and FS3... which is correct. No reference to FS1.

Maybe the server is in a different site?

I have never seen a case of the DC ghosting
around unless it was visible in on of those.

I don't know what happened to get this screwed up. FS1 demoted just fine,
nice and clean, and I was able to remove it from the sites list. I don't
know how it continues to get referenced.

You are not supposed to "remove it from the sites list"
by hand.

That may be why it doesn't show in the site, when it
is still around in the Domain.


--
Herb Martin

Kevin

for reference:
FS1 = old original DC that is now demoted to just a domain member
FS2 = second DC that was introduced. came online to partner with FS1
FS3 = newer DC that replaced the aging FS1. Was promoted after FS1 was
demoted

In the DS event viewer on FS2, NTDS Replication is complaining about a
replication that failed. DCDIAG on FS2 says that a recent replication has
failed and the last success was on 12/10/2004 which about when I

demoted
FS1.

REPADMIN on FS2 says that one of the inbound neighbors is FS1

(deleted
DSA)

via RPC. ADS Sites and Services just lists the two current DC's (FS2 and
FS3) so I am not sure where to go to get rid of the references of FS1. FS3
is also listing FS1 as an inbound neighbor (deleted DSA) as well. Thoughts?
Thanks!

The DC was not properly removed from the domain
(while online and connected to the others so it could
be removed automatically.)

The tool to use is NTDSUtil, the area called "Metadata
Cleanup".

It is not difficult but the process is tedious and described
in MS KB articles and elsewhere so....

Google:

[ ntdsutil "metadata cleanup" remove DC domain ]

or

[ ntdsutil "metadata cleanup" remove DC domain site:microsoft.com]

The latter will restrict you search to JUST the MS site.

[/QUOTE]

 

[Guest]

Maybe the server is in a different site?
Nope, I'm a single site shop. No where else for it to hide.

You are not supposed to "remove it from the sites list"
by hand.

That may be why it doesn't show in the site, when it
is still around in the Domain.

Ah, this I did not know. Once you demote a DC, you leave it alone and let
the ADS manage the cleanup from there?

Thanks for the tips!

 

[Herb Martin]

Nope, I'm a single site shop. No where else for it to hide.


Ah, this I did not know. Once you demote a DC, you leave it alone and let
the ADS manage the cleanup from there?

Yes, but it is probably the case that this didn't
fully complete -- and then you deleted the site
reference.

It should have removed that to start. Now it
may be difficult to select that DC in NTDSUtil
since it uses the "site number" to do that.