Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Active Directory cleaning after role seizure

Posted on 2012-04-05
4
Medium Priority
?
506 Views
Last Modified: 2012-06-27
Hi everyone,

I had a network with the 2 DC's below.

DC 1: Windows Server 2003, holder of all FSMOs.
DC 2: Windows Server 2008.

DC1 died, and it was not possible to recover.  I seized all roles on DC2, and the domain is working just fine.

My question...

I need to clean up the AD by removing all references to DC1.  As DC1 is forever a memory, what is the best (and complete) way to do this?


I know that this will most likely involve ADSI.  If so, please be as specific as possible.

Many, many thanks!

Barron
0
Comment
Question by:barronfraker
4 Comments
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 1000 total points
ID: 37814677
The best way to do this is using ntdsutil and the correct steps are outlined in the following link:

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 1000 total points
ID: 37814678
It used to involve ntdsutil  (you can still use that method)  but in 2008 it gets easier because a lot of it is through the GUI

http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

when this is done and you are ready try and get another DC up as soon as you can.   This example is perfect for illustrating why 2 DCs is always key.

Thanks

Mike
0
 
LVL 80

Expert Comment

by:arnold
ID: 37814740
The server might not be coming back, but unless you wait till tombstone period the setup a second dc as recommended, the dc1 can be reused for the replacement server.
0
 
LVL 2

Author Comment

by:barronfraker
ID: 37814898
alanhardisty and  mkline71,

Both your posts were helpful.  The GUI-based approach made this last a lot less longer than I had expected, but true to form, Microsoft's solution was incomplete.  Alan's Petri link filled in the blanks (like cleaning out DNS), so now everything is running smoothly.

Thanks to you both!

Barron
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question