Solved

NTDSUtil.exe tools

Posted on 2006-11-17
3
780 Views
Last Modified: 2008-03-10
We add new AD on the same forest2 into our infrastructure and decided to do separate forest, our admin remove the 2 DC unsuccessfully now there is a remains into the original AD. we have to clean it up using ntdsutil tools. can anybody provide me with the step by step procedure and what is the risk of doing this.
0
Comment
Question by:rreclusado
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 22

Expert Comment

by:mcsween
ID: 17970578
Follow these 2 sections to cleanup failed DCs in the domain.  Do not follow this unless these servers are permanantly offline.  If you remove a server that is still online by accident then that server must be taken offline and re-promoted to continue to serve AD.

Removing the failed server object
Cleaning metadata of removed domain controllers
http://technet2.microsoft.com/WindowsServer/en/library/8e3e4377-ef54-4a70-9215-a5d2ba4d0eb91033.mspx?mfr=true
0
 

Author Comment

by:rreclusado
ID: 17982892
It doesnt say any risk on doing this procedure is ther a  risk on cleaning up metadata.
0
 
LVL 22

Accepted Solution

by:
mcsween earned 500 total points
ID: 17983717
yea, the risk is that you will remove a DC that's still online by mistake.  If that happens you may have to seize FSMO roles and demote and re-promote that DC.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question