Removing PC's from AD that were destroyed

[dominictiberio]

Hello,

We recently had a fire and 5 workstations and a server (a DC) were
destroyed. I need to properly remove them from Active Directory so I
can add the new replacement PC's and Server. I have searched and
followed the KB 216498 article that is so often referenced, however it
doesn't touch on how to remove the PC's from AD. Do I just go into AD
Users and Computers and delete them? Any and all help is greatly
appreciated, Thanks!

 

[Guest]

Yep, just removing the client object from AD and replicating round the
deletion should be sufficient for clients. Obviously the DC would have to
have all of it's metadata removed using ntdsutil.

Cheers,
Ewan

 

[dominictiberio]

OK, I was hesitant to delete the PC's from AD because it gives a
warning about it will remove the associated mailbox's (there is no
mailbox for the PC name, just individual users).

As far as the DC I followed the KB 216498 article, however I was unable
to do the ntdsutil part because it does not see the server. I manually
deleted the NTDS settings and did all of the rest of the removal via
ADSI Edit, I'm hoping that is enough.

If anyone can advise on the removal of the PC warning I'm seeing about
the mailbox, or if I have done enough removal with the DC, again it is
very much appreciated. Disasters are no fun.

Thanks to all!

 

[Guest]

The fact that you cannot see the DC in ntdsutil sounds like it has been
removed properly. Some other things to check for are SRV records being left
behind for the old server and replication errors trying to replicate to the
old server.

As for the PC's I have never heard of the error you are getting when
removing a computer object. It sounds a stupid question but are you 100%
sure they are the clients you think they are and not actually server or user
objects??

 

[Paul Bergson]

You must have the Exchange piece loaded on this workstation/server.
Whenever you delete a user/computer it gives you that warning whether or not
it exists. So if they are only machines feel free to delete them.

216498 is the correct KB article to follow. But you should attempt to
attach to the working DC and remove all the pieces via ntdsutil. Also you
need to make sure all your fsmo roles exist on your new server.


http://support.microsoft.com/default.aspx?scid=kb;en-us;255504


I would also suggest doing the following

Try running netdiag, repadmin and dcdiag. Look for fail, error and warning
errors.

If you don't have the tools installed load them from your install disk.

d:\i386\adminpak.msi (Server tools for remote management of servers)
d:\support\tools\setup.exe (Server Utilities)

Copy the following to a cmd file and run look for error, fail and warn
within the reports. Post any errors you can't figure out. make sure you
modify DC_Name to the name of a dc in your domain.

@echo off

c:
cd \
cd "program files\support tools"

del c:\dcdiag.log
dcdiag /e /c /v /sC_Name /f:c:\dcdiag.log
start c:\dcdiag.log

netdiag.exe /v > c:\netdiag.log
start c:\netdiag.log

repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
start c:\repl.txt


See for more details

http://www.microsoft.com/technet/pr...Ref/1d4ce93c-54f2-4069-a708-251509c38837.mspx

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.