• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 845
  • Last Modified:

NTDSUtil.exe tools

We add new AD on the same forest2 into our infrastructure and decided to do separate forest, our admin remove the 2 DC unsuccessfully now there is a remains into the original AD. we have to clean it up using ntdsutil tools. can anybody provide me with the step by step procedure and what is the risk of doing this.
0
rreclusado
Asked:
rreclusado
  • 2
1 Solution
 
mcsweenSr. Network AdministratorCommented:
Follow these 2 sections to cleanup failed DCs in the domain.  Do not follow this unless these servers are permanantly offline.  If you remove a server that is still online by accident then that server must be taken offline and re-promoted to continue to serve AD.

Removing the failed server object
Cleaning metadata of removed domain controllers
http://technet2.microsoft.com/WindowsServer/en/library/8e3e4377-ef54-4a70-9215-a5d2ba4d0eb91033.mspx?mfr=true
0
 
rreclusadoAuthor Commented:
It doesnt say any risk on doing this procedure is ther a  risk on cleaning up metadata.
0
 
mcsweenSr. Network AdministratorCommented:
yea, the risk is that you will remove a DC that's still online by mistake.  If that happens you may have to seize FSMO roles and demote and re-promote that DC.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now