Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How can i remove a total Domain from my Forest

Posted on 2007-12-06
23
Medium Priority
?
360 Views
Last Modified: 2010-03-17
Hi,

I have a Domain which has another domain.
How do i remove the Domain and all its traces.
> Root Domain
>> Child Domain

How do i remove the child Domain.

Regards'
Sharath
0
Comment
Question by:bsharath
  • 10
  • 9
  • 2
  • +2
23 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 20419400
remove all of the DCs for the child domain with DCPromo - make sure that when you remove the last one (the FSMO role holder for the child domian) you specify "This is the last domain controller in the domain" check box.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20419480
I get an error when using DCPROMO

The operation failed because:
Active directory could not transfer the remaining data in directory partition
"The DSA operation is unable to proceed because of the DNS lookup failure"

There is no DNS configured in the server yet

0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20419537
how many servers are we talking about?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 11

Author Comment

by:bsharath
ID: 20419601

> Root Domain has 2 Dc's
>> Child Domain 1 Dc
0
 
LVL 22

Expert Comment

by:cj_1969
ID: 20419634
did you remove the server that was acting as the DNS server for that domain?
If you did you will probably need to configure that service on the last machine in your domain or make it a stand-alone function (not integrated with AD) and have it on another server.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20419661
Child Domain does not have a DNS
Only the root domain has DNS configured.
0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 1000 total points
ID: 20419664
Or forcibly remove the DC in the child domain using dcpromo /forceremoval, and then perform a metadata cleanup from the root domain of the now-orphaned child domain.  The following article shows you sample ntdsutil commands to remove an orphaned domain; you will need to modify these commands as appropriate for your environment: http://www.windowsitpro.com/Articles/ArticleID/13415/13415.html?Ad=1
0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20419665
you are trying to remove the child domain?
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20419684
From the original post:

> "How do i remove the child Domain."

Based on this I presume that the OP is attempting to completely remove an Active Directory domain.  If that is not the case, then my instructions are not applicable, and the OP should clarify what they are trying to accomplish.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20419685
sterudpa
Yes
0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20419708
are all servers running and reachable?  Do they have DNS running?
0
 
LVL 11

Author Comment

by:bsharath
ID: 20419753
LauraEHunterMVP

I have a domain which was running fine.Now i just installed a
Additional Domain controller on my existing domain.
I just want to remove this.What should i do.When i tryed Dcpromo it gives the error.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20419786
I want the root domain and all the dc's relevant to it to be as it is.
Just want to remove the child domain and all its traces from my root domain dc's
0
 
LVL 1

Assisted Solution

by:sterudpa
sterudpa earned 1000 total points
ID: 20419844
Check this out.  it talks about DCPROMO /Forceremoval and gives a good description about what to do.

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=7521

0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20419876
I guess I am wondering what information we are missing.  Why wont the Dcpromo work?  Can you ping the DNS server?  Does the child DC have it's ip settings DNS pointing to a server in the domain with DNS running on it?

0
 
LVL 11

Author Comment

by:bsharath
ID: 20419885
Thanks i have used the Dcpromo /forceremoval and cleaned up the Child domain.Now its a stand alone domain.

Now how do i remove the traces from the Root domain and all its dc's
0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20419904
0
 
LVL 11

Author Comment

by:bsharath
ID: 20419990
I have got stuck here
Click Start, point to Programs, point to Accessories, and then click Command Prompt.
2. At the command prompt, type ntdsutil, and then press ENTER.
3. Type metadata cleanup, and then press ENTER. Based on the options given, the administrator can perform the removal, but additional configuration parameters must be specified before the removal can occur.
4. Type connections and press ENTER. This menu is used to connect to the specific server where the changes occur. If the currently logged on user does not have administrative permissions, different credentials can be supplied by specifying the credentials to use before making the connection. To do this, type set creds DomainNameUserNamePassword, and then press ENTER. For a null password, type null for the password parameter.
5. Type connect to server servername, and then press ENTER. You should receive confirmation that the connection is successfully established. If an error occurs, verify that the domain controller being used in the connection is available and the credentials you supplied have administrative permissions on the server.
 

When i type the credentials it does not accept nor when i give null
How should i mention the credentials

I just need to remove the traces of my child domain on the root domain dc's
0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20420100
should be
"set creds" domainname (space) username (space) password

it worked on mine.  
0
 
LVL 11

Author Comment

by:bsharath
ID: 20420145
which domain name should i mention as the child domain i have already demoted it.

Now on the root domain dc's i am doing this.Is that correct.

I tried this command but get error 80070057

0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20420239
should be the root domain.  is the error you get "80070057 parsing input"?
0
 
LVL 1

Expert Comment

by:sterudpa
ID: 20420273
to clarifiy,  you shoud be doing this on one of the servers that are still up and with a account that has admin rights.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20420938
I am doing this from the root Domain - Domain controller.

I have logged to the machine with the Domain admin credentials.


0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Let's recap what we learned from yesterday's Skyport Systems webinar.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question