• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3492
  • Last Modified:

Old Domain Controller server keeps showing up

I have an old domain controller GHOST that keeps haunting my network. When i go to my network i see it amongst the other computers when it discovers the network.

i decommisioned this server a long time ago and it is now just a file server. It has a totally new name.

I have two new domain controllers. I notice that there is even a PTR record that keeps showing up everytime i delete it also.

How can I get rid of this server from my network. It seems to grab ip addresses too.
0
MEATBALLHERO
Asked:
MEATBALLHERO
  • 4
  • 3
  • 2
  • +3
2 Solutions
 
MaheshArchitectCommented:
You can check your active directory users and computers and search it name
will you be able to find it there ?

You might have computer \ member server with same name in network and its registering its host record and PTR record as well.

You can cross check by pinging PTR record
ping -a <IP of computer>
once you found hostname, try to ping host record as well and verify that both are pointing to same computer..

Mahesh
0
 
LearnctxEngineerCommented:
Perform a metadata clean-up if you have not done so already and make sure you have completely removed any DNS references to the server (as a name server, any SRV records, etc).

I've used this guide without fail for years as far as metadata cleanups go.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Server 2008 and above is supposed to do this stuff automatically but personally I have found it is not always as full proof as doing it by hand.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
I would also recommend making sure that meta-data is cleaned up. Another thing to watch out for when decommissioning a DC is make sure that the SRV records are not referencing the old DC as well. If there are any SRV records make sure that you delete them.

SRV records are located in DNS>Domain Zone>_msdcs. Under there you will see DC, GC, PDC etc. Go through those and delete any records that are were from the old DC.

Will.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
MEATBALLHEROAuthor Commented:
I did this before. Just tried it again. The server does not show up. It must have something else that is causing it to show up.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
When you say it is showing up what is it doing exactly, and where is it showing up?

Will.
0
 
SandeshdubeySenior Server EngineerCommented:
Can you try pinging the old server name with ip address and name do you get response. Also check your file server which was acting as dc before it should not have multiple nic configured. Can you post the ipconfig /all details of your file server and dcdiag /q and repadmin /replsum of online dc.
0
 
LearnctxEngineerCommented:
Yes if you could elaborate on 'showing' up that would be handy. Do you mean it just resolves? Ping could be using the local DNS cache on the machine or WINS, so use nslookup instead and see if the server name resolves. If it is the IP, check that the reverse lookup for the server has been removed as well.

Is the domain controller still in Active Directory sites and services? Has it had its replication objects deleted from there? Do any servers in sites and services still have replication links to the decommissioned DC's object?
0
 
MaheshArchitectCommented:
Even server entry may be remain with AD metadata, how can it automatically updates the PTR record ?
 
You have said that you already removed server from active directory and changed its hostname also and now using as file server
Also you said that you can able to view computer account while browsing network computers

Like i said in my 1st comment, you must be having alive computer account in AD as member server \ computer which is actually updating PTR record even after deletion.

You will find Host (A) record also in DNS in that case.

Just try to find this computer from ad users and computers and then try to connect it
to identify the truth.

Mahesh
0
 
MEATBALLHEROAuthor Commented:
Showing up....means I can see the the icon in my network places. The name of the computer used to be HQFX1 and it was a domain controller a long time ago. I removed dcpromo did a meta cleanup and removed services DNS and DHCP. Then i renamed the computer to NAS02. Now I can see both HQFX1 and NAS02 in my network places.

If I click on HQFX1 it times out. I deleted the PTR and Host records from Domain Controller but it is still pops up on Network places.
0
 
MEATBALLHEROAuthor Commented:
Also I deleted the computer name from ADS Users and computers. But it still pops up. Could it be something still on NAS02.
0
 
DrDave242Commented:
Open an elevated command prompt on the affected server and run the following command:

netdom computername <new_computer_name> /enumerate:allnames

This will display all registered names for the server in question. If the old name is still listed as an alternate, run this command to remove it:

netdom computername <new_computer_name> /remove:<old_computer_name>

Then reboot the server.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Does this happen on all machines that you try and use Network Places or is it one particular server/workstation?

If it is only 1 specific server it could just be a ghost object with in your profile which i have seen cases like this. This would only be the case if it has not happened on any other servers/workstations.

Will.
0
 
MEATBALLHEROAuthor Commented:
Both Steps Are Necessary.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now