Solved

How to remove non-existing domains

Posted on 2007-11-26
10
439 Views
Last Modified: 2008-06-25
Several weeks ago, the primary Server with 2003 R2 stopped functioning.  After careful research and with help from Microsoft, it was determined that the permission were change in Sysvol.  After several weeks of nightmares, our network is presently working with the following exception.  When I browse through the network, I still see non existing domains.  I have tried using ntdsutil/metadata, unable to find those domains to delete.  Found several articles on experts-exchange all a indicating to use ntdsutil, but I cannot find those domains to delete.  This has not affected our network performance, servers, or users.   But it is a nuisance and I am concerned about possible future problems it might create.  
0
Comment
Question by:Aaron Thorn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 7

Expert Comment

by:killbrad
ID: 20353360
Are you sure you ran the ntdsutil from EACH domain controller?
And choose "select server xxx" where xxx is that domain controller?
0
 

Author Comment

by:Aaron Thorn
ID: 20353517
Yes, I did... We have two servers on the domain, one is handling all the roles and active directory.  The second one has exchange 03 and active directory.  I not getting any errors, such as KDC or FSR on the servers.  I did run ntdsutil on each server again today, but to no avail.  I do see the parent domain and child domain.  Also, we do have a trusted with another domain which we are removing.  Used ntdsutil, but did not see the domains.  Possible I might taking the wrong steps, used before sucessfully.
0
 
LVL 19

Accepted Solution

by:
SteveH_UK earned 250 total points
ID: 20353935
Am I correct in thinking that you are browsing using Entire network, etc. (aka Network Neighbourhood).

If so, this relies on two things:

1.  Computer browser service running on computers (restart to clear), if no WINS servers
2.  WINS servers

In WINS, you need to tombstone the dead records, using the WINS management console.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20353943
It does sound like your AD is clear.

You should review your DNS zones to check there are no AD entries pointing to the old domains, and also remove any obsolete A and PTR records.
0
 
LVL 48

Assisted Solution

by:Jay_Jay70
Jay_Jay70 earned 250 total points
ID: 20353980
are you talking about browsing my network places? if so then its not going to be an AD problem it will be a WIN/Netbios problem....use the nbtstat tool to clear all the cached entries
0
 
LVL 7

Expert Comment

by:killbrad
ID: 20353981
In Windows isnt there also SVR records that need cleared?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20353998
The SVR records are the DNS records I was referring to.  NTDSUtil, or dcpromo, should remove these records automatically, but sometimes that fails.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20354121
need to clairfy if you are talking about my network places here....as DNS plays no role in that area
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 20356170
You all beat me to these fixes. It's all good information.

Good luck author.
0
 

Expert Comment

by:insharafi
ID: 21871920
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question