Remove on DC using NTDSUtil

compdigit44
compdigit44 used Ask the Experts™
on
I'm running the Exchange 2010 BPA tools and its detecting an old DC that has long since been removed. Anyway I have gohe through, ntdsutil, ADSIEDIT and DNS and cannot find and reference to this DC, yet BPA is still detecting it.

Any thoughts
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2013

Commented:
Did you double check sites and services, looks like you did a good job in the other areas.

Thanks


Mike
Top Expert 2012

Commented:
So, you did go through metadata cleanup to remvoe, right?

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Author

Commented:
I have a parent child domain and the DC is not listed in Sites in Services in either domain. ALso I have tried using metadate cleanup but it doesn't detect the server which I need to remove
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Top Expert 2012

Commented:
Has be listed in metadata some where. Post the Exchange BPA report

Author

Commented:
I cannot post the BPA results..Is there a why I can run a search in NTDSUTIL
Top Expert 2012

Commented:
No search function

Author

Commented:
I have been though the MS KB 5 times already yet I know this DC is references some where.

Author

Commented:
what about a ldap search???
Top Expert 2012

Commented:

Author

Commented:
Yes, it didn't find the server
Top Expert 2012

Commented:
So, when you go through these steps

Determine the DN of the server
There are several ways to obtain the DN of the server object that is to be removed. The following example uses Ldp.exe. To obtain the DN by using Ldp.exe, follow these steps:
Run LDP.
Bind to rootDSE.
Select View\tree. Base DN should be cn=configuration,dc=rootdomain,dc=<suffix>.
Expand Sites.
Expand the site where the server object resides.
Expand Servers.
Expand the server that you are removing.
Look for a line on the right hand side that starts with DN.
Copy whole line excluding the DN.

Example snip of the first part of the LDP spew:

You find nothing on this server?

Author

Commented:
when I go to sites in LDP there is nothing for me to expand....
Top Expert 2012

Commented:
So, you have no sites listed?

Do dcdiag post results

Author

Commented:
Here are the dcdiag results......



Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = ServerA

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: HQ\ServerA

      Starting test: Connectivity

         ......................... ServerA passed test Connectivity



Doing primary tests

   
   Testing server: HQ\ServerA

      Starting test: Advertising

         ......................... ServerA passed test Advertising

      Starting test: FrsEvent

         ......................... ServerA passed test FrsEvent

      Starting test: DFSREvent

         ......................... ServerA passed test DFSREvent

      Starting test: SysVolCheck

         ......................... ServerA passed test SysVolCheck

      Starting test: KccEvent

         ......................... ServerA passed test KccEvent

      Starting test: KnowsOfRoleHolders

         ......................... ServerA passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... ServerA passed test MachineAccount

      Starting test: NCSecDesc

         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=DomainDnsZones,DC=company,DC=org
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=ForestDnsZones,DC=company,DC=org
         ......................... ServerA failed test NCSecDesc

      Starting test: NetLogons

         ......................... ServerA passed test NetLogons

      Starting test: ObjectsReplicated

         ......................... ServerA passed test ObjectsReplicated

      Starting test: Replications

         ......................... ServerA passed test Replications

      Starting test: RidManager

         ......................... ServerA passed test RidManager

      Starting test: Services

         ......................... ServerA passed test Services

      Starting test: SystemLog

         ......................... ServerA passed test SystemLog

      Starting test: VerifyReferences

         ......................... ServerA passed test VerifyReferences

   
   
   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

   
   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

   
   Running partition tests on : company

      Starting test: CheckSDRefDom

         ......................... company passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... company passed test CrossRefValidation

   
   Running enterprise tests on : company.org

      Starting test: LocatorCheck

         ......................... company.org passed test LocatorCheck

      Starting test: Intersite

         ......................... company.org passed test Intersite
Top Expert 2012

Commented:
All looks good
Top Expert 2012

Commented:
Go into DNS check to see if record exist for the DC here. Check SRV records and all I think we are going to find the problem here.

The DC is not listed in AD if it was you would get a error message when running dcdiags and repadmin /syncall

Author

Commented:
There are no SRV or A records for this DC listed.
Top Expert 2012

Commented:
Run repadmin /syncall

Author

Commented:
Problem solved. it turns out this server wasn't in AD. The Exchange BPA tools was picking up a reference to this servers in a old config file on my Exchange 2003 server
Top Expert 2013

Commented:
Nicely done and good information to have for the future.
Top Expert 2012
Commented:
Good to know. Thanks for letting us know. I knew it wasn't in AD anymore. I never thought about Exchange

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial