Solved

Active Directory cleaning after role seizure

Posted on 2012-04-05
4
502 Views
Last Modified: 2012-06-27
Hi everyone,

I had a network with the 2 DC's below.

DC 1: Windows Server 2003, holder of all FSMOs.
DC 2: Windows Server 2008.

DC1 died, and it was not possible to recover.  I seized all roles on DC2, and the domain is working just fine.

My question...

I need to clean up the AD by removing all references to DC1.  As DC1 is forever a memory, what is the best (and complete) way to do this?


I know that this will most likely involve ADSI.  If so, please be as specific as possible.

Many, many thanks!

Barron
0
Comment
Question by:barronfraker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 37814677
The best way to do this is using ntdsutil and the correct steps are outlined in the following link:

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 37814678
It used to involve ntdsutil  (you can still use that method)  but in 2008 it gets easier because a lot of it is through the GUI

http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

when this is done and you are ready try and get another DC up as soon as you can.   This example is perfect for illustrating why 2 DCs is always key.

Thanks

Mike
0
 
LVL 79

Expert Comment

by:arnold
ID: 37814740
The server might not be coming back, but unless you wait till tombstone period the setup a second dc as recommended, the dc1 can be reused for the replacement server.
0
 
LVL 2

Author Comment

by:barronfraker
ID: 37814898
alanhardisty and  mkline71,

Both your posts were helpful.  The GUI-based approach made this last a lot less longer than I had expected, but true to form, Microsoft's solution was incomplete.  Alan's Petri link filled in the blanks (like cleaning out DNS), so now everything is running smoothly.

Thanks to you both!

Barron
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question