Ron Hartpence

asked on

Metadata cleanup on an Active Directory - please help! :)

This is my first question here.. please go easy on me. If I missed something, please ask and I will answer ASAP. Thank you, Experts!

We had an old 2003 DC that I demoted. (dns2)
Installed a new 2012 DC and promoted into the domain. (as dns-2).. My first mistake I guess, I wanted to keep the same name. Not best practice I know.. that's why I'm here.

When the problems started:
I renamed the DC to the old name (dns2)
Couldn't get netlogon services working. When I did a dcdiag on the 2012 server it still had the old name attached to it (dns-2)
Then I noticed in DNS it had both dns2 and dns-2 as the same IP

Demoted the 2012 server, now my AD metadata is messed up and I can't delete the dns2 or dns-2 in AD:
Error for both: Windows cannot delete object LDAP:// blah blah because: The specified module could not be found.

Went into dns1 (2003, has all FSMO roles) and tried this:

2) At the command prompt, type the following command, and then press ENTER:
ntdsutil
3) At the ntdsutil prompt, type the following command, and then press ENTER:
metadata cleanup
4) At the metadata cleanup: prompt, type the following command, and then press ENTER:
remove selected server SERVERNAME

These are the results:
D:\Program Files\Support Tools>ntdsutil
ntdsutil: metadata cleanup
metadata cleanup: remove selected server dns2
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
LDAP error 0x22(34 (Invalid DN Syntax).
Ldap extended error message is 0000208F: NameErr: DSID-031001BA, problem 2006 (B
AD_NAME), data 8350, best match of:
        'CN=Ntds Settings,dns2'

Win32 error returned is 0x208f(The object name has bad syntax.)
)
Unable to determine the domain hosted by the DC (5). Please use the connection m
enu to specify it.
Disconnecting from localhost...
metadata cleanup:


So at this point I'd like to get AD cleaned up and back to normal. Then, I'd like to get dns2 back up with hopefully the same name? Unless directed otherwise. Thanks again Ron.
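
An added example (not part of the original post or of any answer in this thread): the output above shows ntdsutil turning the bare name into 'CN=Ntds Settings,dns2' and rejecting it with Invalid DN Syntax, because the argument form of "remove selected server" takes the server object's full distinguished name. The site name and domain components below are placeholders, since the thread does not give them.

```bat
@echo off
rem Added example, not code from the thread.
rem ASSUMPTIONS (placeholders, not from the page): the site name and the
rem domain components. Replace both with the values from your own forest.
setlocal
set "SITE=Default-First-Site-Name"
set "DOMAIN_DN=DC=example,DC=com"

rem Server objects live under CN=Servers of their site in the Configuration
rem partition; this is the DN that "remove selected server" expects.
set "SERVER_DN=CN=dns2,CN=Servers,CN=%SITE%,CN=Sites,CN=Configuration,%DOMAIN_DN%"

rem Read-only check first: confirm the server object exists at that DN.
dsquery * "%SERVER_DN%" -scope base -attr distinguishedName
if not "%errorlevel%"=="0" (
    echo Server object not found at %SERVER_DN% - check site and domain.
    exit /b 1
)

rem Show what is left underneath it (for a DC, the NTDS Settings object).
dsquery * "%SERVER_DN%" -scope onelevel -attr distinguishedName objectClass

rem Same menu path as the steps above, passed as command-line arguments,
rem with the full DN in place of the bare server name.
ntdsutil "metadata cleanup" "remove selected server %SERVER_DN%" quit quit
endlocal
```

Run it on a remaining domain controller, as in the session above; repeat with CN=dns-2 for the second leftover object.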
SOLUTION
Raymond Brooks

This solution is only available to members.
Ron Hartpence

ASKER

Thanks Raymond. Yes, I followed that exact post and got this error:

 "Error for both: Windows cannot delete object LDAP:// blah blah because: The specified module could not be found."
ASKER CERTIFIED SOLUTION
This solution is only available to members.
Luis, I forgot about that tool.. and it seemed to work! I no longer see them in users and computers..

Now going forward. I'm going to create a new 2012 server and bring it up as dns2.

At this point can I use the same name?
Thanks!
Great that it is solved.

Yes, you can if all is clean; maybe it is better to use another name, at least for troubleshooting.
Thank you!