Active Directory Sites and Services

Hi,

We have 4 Servers in our domain,

Primary ( GC )
Exchange 01 ( GC )
Exchange 02
Apps

The exchange02 used to be a dc but when we removed the role it still show in the active directory sites and services etc, i think it is causing some issue on the network etc, is it safe to delete this from that section of AD or will it effect anything ?

Thanks

Jon
Comex_ITAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Premkumar YogeswaranConnect With a Mentor Analyst II - System AdministratorCommented:
Hi Jon,

You can right click and delete the DC directly and then you can run the metadata cleanup..
Please find the microsoft article for Unsuccessful removal of DC form the domain.

http://technet.microsoft.com/en-us/library/cc816907(WS.10).aspx

http://smtp25.blogspot.com/2008/10/server-2008-metadata-cleanup.html

Good Luck.. It will work fine..

Cheers,
Prem
0
 
dontsemeCommented:
use ntdsutil in a command windows from a DC and view the FSMO Roles that are assigned to your server. Verify all roles are relocated to the other DC's
http://support.microsoft.com/kb/255504

Or look at this if you dont want to use Ntdsutil (would still verify with it though)
http://support.microsoft.com/kb/324801/en-us
0
 
dutchgeekCommented:
You can not just remove it. You will have to check if the current DC holds all FSMO roles. You can do this with NTSUtil.
The current DC will have to hold 5 roles in total being:
schema master
RID master
PDC
Domain naming master
Infrastructure Master

Make sure also that the current DC is a Global catalog server and that DNS is fully replicated.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
Krzysztof PytkoActive Directory EngineerCommented:
If you are really sure that it is no DC anymore you can simply delete it. But first run dcdiag on your existing DC and check what kind of errors do you have.
0
 
Comex_ITAuthor Commented:
sorry, im a bit confused, if i run the ntsutil will that check ?

do i need to run it on the old exchange02 server ?

0
 
Comex_ITAuthor Commented:
If you notice you can expand Primary or Exchange01 it does but not exchnage02 its blank this used to be a dc etc .....
sites-and-services.jpg
0
 
Comex_ITAuthor Commented:
if you look at the screenshot here it show exchange02 being a dc ......
properties-exchange02-sites-and-.jpg
0
 
tspreethCommented:

Hi ,
You can check if your exchange02 is FSMO ROle Holder .
Follow the steps mentioned in this link
http://www.petri.co.il/determining_fsmo_role_holders.htm 
If there is no Roles. You can demote the DC .
By running DCPROMO .
0
 
dutchgeekCommented:
Run NTDSutil on the current DC
start, run
type NTDSutil
type roles, press enter
type connections, press enter
type connect to server primary, press enter
from "server connections" type q and than press enter
from "FSMO roles" type seize pdc pres enter
you will get a warning box. Read carefully. It will state exactly which machine holds all FSMO roles.If this is allready the Primary you can cancel and do not have to do anything more than check DNS replication.
0
 
Comex_ITAuthor Commented:
I did demote it already though, but for some reason its still showing as a dc like in the screen shot
0
 
dutchgeekCommented:
Did you check the FSMO roles allready? What was the outcome?

0
 
Comex_ITAuthor Commented:
As per screenshot it coes up with Primary etc, i remember running dcpromo a while ago and demoting the server but its still showint in ad sites and services etc
ntdsutil.jpg
0
 
dutchgeekCommented:
You would have to click yes in the screenshot you send. It will than attempt to seize the role. Afterwards it wil give an overview in the dos box wich states what roles belong to which server.

If thes all belong to your server called "primary" the next thing to check is if the DNS is fully populated on your "primary".

After that I would shut down exchange02. go to one workstation, renew dhcp, reboor machine. logon on to the network. See if all network drives are availeble and if you loinscripts run fine. Check if mail is availeble.

If this all works fine and there are no strange errors in the log file of the "primary" it should be quite safe to move the echange02 from "domain controllers" to the "computers" container in AD.
0
 
tspreethCommented:
You can clean up the meta data by the steps given in the link below. http://support.microsoft.com/kb/216498
0
All Courses

From novice to tech pro — start learning today.