Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Old Domain Controller server keeps showing up

Posted on 2013-11-23
13
Medium Priority
?
2,641 Views
Last Modified: 2013-12-03
I have an old domain controller GHOST that keeps haunting my network. When i go to my network i see it amongst the other computers when it discovers the network.

i decommisioned this server a long time ago and it is now just a file server. It has a totally new name.

I have two new domain controllers. I notice that there is even a PTR record that keeps showing up everytime i delete it also.

How can I get rid of this server from my network. It seems to grab ip addresses too.
0
Comment
Question by:MEATBALLHERO
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +3
13 Comments
 
LVL 38

Assisted Solution

by:Mahesh
Mahesh earned 1000 total points
ID: 39671920
You can check your active directory users and computers and search it name
will you be able to find it there ?

You might have computer \ member server with same name in network and its registering its host record and PTR record as well.

You can cross check by pinging PTR record
ping -a <IP of computer>
once you found hostname, try to ping host record as well and verify that both are pointing to same computer..

Mahesh
0
 
LVL 18

Expert Comment

by:Learnctx
ID: 39671979
Perform a metadata clean-up if you have not done so already and make sure you have completely removed any DNS references to the server (as a name server, any SRV records, etc).

I've used this guide without fail for years as far as metadata cleanups go.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Server 2008 and above is supposed to do this stuff automatically but personally I have found it is not always as full proof as doing it by hand.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39672017
I would also recommend making sure that meta-data is cleaned up. Another thing to watch out for when decommissioning a DC is make sure that the SRV records are not referencing the old DC as well. If there are any SRV records make sure that you delete them.

SRV records are located in DNS>Domain Zone>_msdcs. Under there you will see DC, GC, PDC etc. Go through those and delete any records that are were from the old DC.

Will.
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 

Author Comment

by:MEATBALLHERO
ID: 39672023
I did this before. Just tried it again. The server does not show up. It must have something else that is causing it to show up.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39672026
When you say it is showing up what is it doing exactly, and where is it showing up?

Will.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39672051
Can you try pinging the old server name with ip address and name do you get response. Also check your file server which was acting as dc before it should not have multiple nic configured. Can you post the ipconfig /all details of your file server and dcdiag /q and repadmin /replsum of online dc.
0
 
LVL 18

Expert Comment

by:Learnctx
ID: 39672115
Yes if you could elaborate on 'showing' up that would be handy. Do you mean it just resolves? Ping could be using the local DNS cache on the machine or WINS, so use nslookup instead and see if the server name resolves. If it is the IP, check that the reverse lookup for the server has been removed as well.

Is the domain controller still in Active Directory sites and services? Has it had its replication objects deleted from there? Do any servers in sites and services still have replication links to the decommissioned DC's object?
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39672682
Even server entry may be remain with AD metadata, how can it automatically updates the PTR record ?
 
You have said that you already removed server from active directory and changed its hostname also and now using as file server
Also you said that you can able to view computer account while browsing network computers

Like i said in my 1st comment, you must be having alive computer account in AD as member server \ computer which is actually updating PTR record even after deletion.

You will find Host (A) record also in DNS in that case.

Just try to find this computer from ad users and computers and then try to connect it
to identify the truth.

Mahesh
0
 

Author Comment

by:MEATBALLHERO
ID: 39672980
Showing up....means I can see the the icon in my network places. The name of the computer used to be HQFX1 and it was a domain controller a long time ago. I removed dcpromo did a meta cleanup and removed services DNS and DHCP. Then i renamed the computer to NAS02. Now I can see both HQFX1 and NAS02 in my network places.

If I click on HQFX1 it times out. I deleted the PTR and Host records from Domain Controller but it is still pops up on Network places.
0
 

Author Comment

by:MEATBALLHERO
ID: 39672982
Also I deleted the computer name from ADS Users and computers. But it still pops up. Could it be something still on NAS02.
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 1000 total points
ID: 39673098
Open an elevated command prompt on the affected server and run the following command:

netdom computername <new_computer_name> /enumerate:allnames

This will display all registered names for the server in question. If the old name is still listed as an alternate, run this command to remove it:

netdom computername <new_computer_name> /remove:<old_computer_name>

Then reboot the server.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39673162
Does this happen on all machines that you try and use Network Places or is it one particular server/workstation?

If it is only 1 specific server it could just be a ghost object with in your profile which i have seen cases like this. This would only be the case if it has not happened on any other servers/workstations.

Will.
0
 

Author Closing Comment

by:MEATBALLHERO
ID: 39694567
Both Steps Are Necessary.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question