?
Solved

help with removing old domain controller

Posted on 2013-01-22
6
Medium Priority
?
339 Views
Last Modified: 2013-01-28
Here is my situation. Replication is failing somewhere, I'm not sure where to fix it. I can run some dcdiag reports, but I'm not sure which ones to run. I can paste results here.

DC01old is a demoted Win2003 DC that is powered off and gone.
DC02old is a win2003 DC that is still active but I want to demote it

The 3 new DC's (DC01, DC02, DC03) are replicating with DC02old.
DC02old still shows DC01old in the ntds settings. This should not be there, I would assume.

I tried using ntdsutil to do some meta cleanup but it showed nothing to cleanup.

There is the option to right-click DC01old in ntds settings and Delete, but I dont want to screw anything up. For Site3/DC03 I did manually add DC01 and tried to replicate but getting the 'Naming context is in the process of being removed' error. Any ideas?? Thanks.


Sitename            From Server
Site1
DC01            DC02old

Site2
DC02            DC02old
DC02old            DC01old, DC02, DC03

Site3
DC03            DC02old
0
Comment
Question by:cb_it
  • 3
  • 3
6 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 38805805
Are you running 2008 on your new DCs, if so you can safely delete that old box.  That is how metadata cleanup is done in 2008 and newer

http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

Thanks

Mike
0
 

Author Comment

by:cb_it
ID: 38805858
Yes, new servers are 2008R2.

Thanks for the link, and quick reply. The article mentions right-click on NTDS settings and hit delete. My old server DC01old isnt on the left hand side as a server, it only shows up as a replication partner when I click on DC02old.

It actually shows DC01old\OADEL:0a7a378d.... blah blah.

Is this safe to delete, I would assume considering this server doesnt exist. But would this be causing my replication to fail? What about that naming context error??
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38805864
Yes you can delete that connection object, do you see any other places where DC01 is listed (DNS, ADUC, sites and services, etc)

Thanks

Mike
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:cb_it
ID: 38805891
Again, thanks for the quick response, Mike.

I did delete it from ADUC and from DNS, but I did double check and I see the old server in DNS with a Name Server (NS) record. The server is gone so again I would assume this can safely go?

repadmin /showreps says replication failed because of a schema mismatch.
0
 

Author Comment

by:cb_it
ID: 38811112
Anyone have any ideas to help me out, I'm pretty stuck. Replication is still failing. Tons of KCC errors everywhere.

In AD Sites and services I dont see all of domain controllers listed under each NTDS Settings. Some DC's are here, some are there, some not at all. Any help would be greatly appreciated, thanks.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38811160
Yes delete the server from name servers and any other references you find.  

Did you see this KB for schema mismatch (it is a long one)   http://support.microsoft.com/kb/2734946

Thanks

Mike
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question