There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.
How to remove Backup DC NTDS Settings
We have 2 DCs (Server 2003) - primary and backup. Our backup went offline for longer than 60 days and became stale. We have demoted the backup DC using dcpromo cmd. Here's what happened:
1. Ran "dcpromo". The removal failed because of Access is denied error.
2. Ran "dcpromo /forceremoval", as per this article: http://technet.microsoft.com/en-us/library/cc731871(v=ws.10).aspx
3. Tried to clean up the backup DC (now with DC roles removed) with ntdsutil.exe, but the commands were also failing with Access is denied error. So I couldn't perform steps in this article: http://support.microsoft.com/kb/216498?wa=wsignin1.0
4. Rebooted the backup DC. Now it's just a regular domain member.
But in the primary DC's Sites and Services tree, the backup DC is still showing up (of course replicating to it fails with "no endpoint" error). In addition, that backup DC node has NTDS Setting child node inside. And I read here, that if NTDS Settings child node exists for a DC, then that DC should not be removed from Sites and Services:
http://technet.microsoft.com/en-us/library/cc738355(v=ws.10).aspx (says it in the "Important" section)
My question: Can remove that NTDS Setting child node from the decommissioned DC? Are there any adverse effects? Then can I remove the backup Dc from the tree?
Thanks.
1. Ran "dcpromo". The removal failed because of Access is denied error.
2. Ran "dcpromo /forceremoval", as per this article: http://technet.microsoft.com/en-us/library/cc731871(v=ws.10).aspx
3. Tried to clean up the backup DC (now with DC roles removed) with ntdsutil.exe, but the commands were also failing with Access is denied error. So I couldn't perform steps in this article: http://support.microsoft.com/kb/216498?wa=wsignin1.0
4. Rebooted the backup DC. Now it's just a regular domain member.
But in the primary DC's Sites and Services tree, the backup DC is still showing up (of course replicating to it fails with "no endpoint" error). In addition, that backup DC node has NTDS Setting child node inside. And I read here, that if NTDS Settings child node exists for a DC, then that DC should not be removed from Sites and Services:
http://technet.microsoft.com/en-us/library/cc738355(v=ws.10).aspx (says it in the "Important" section)
My question: Can remove that NTDS Setting child node from the decommissioned DC? Are there any adverse effects? Then can I remove the backup Dc from the tree?
Thanks.
Asked:
2 Solutions
Do meta data cleanup also check fsmo roles owner. NetDOM /query FSMO
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
http://support.microsoft.com/kb/2002413
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
http://support.microsoft.com/kb/2002413
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
Check the link below,
http://support.microsoft.com/kb/255504