Had 3 domain controllers, 1 failed yesterday

tdeantdean Member Posts: 520
in Off-Topic
Best way to remove this from AD? obviously i cant boot it up and demote it. I was going to run the ntdsutil on the other 2 and remove metadata? Do i need to remove anything from sites/services or anything or will that take care of it? it was 2003.
· Share on FacebookShare on Twitter

Comments

  • MrAgentMrAgent Member Posts: 1,309 ■■■■■■■■□□
    Make sure you remove all entries from DNS as well.

    Clean up server metadata: Active Directory
    · Share on FacebookShare on Twitter
  • tdeantdean Member Posts: 520
    MrAgent wrote: »
    Make sure you remove all entries from DNS as well.

    Clean up server metadata: Active Directory
    oh yeah... good call. so i just run this on the remaining 2 controllers? Can i do this during production hrs? How long does it usually take? We're not very big, thus no need to rebuild the server.
    · Share on FacebookShare on Twitter
  • MrAgentMrAgent Member Posts: 1,309 ■■■■■■■■□□
    You just need to do it on one server. Once the metadata cleanup is done, the changes will replicate to the other DC. Just make sure you clean up your DNS servers is all.

    I worked at an agency that had several DCs tombstone because of bad (international) connection issues, so I have done this quite a few times.

    Yes you can do this during production, and it shouldnt take very long at all. Its just a series of commands youll run. Follow the instructions listed on the TechNet site.
    · Share on FacebookShare on Twitter
  • tdeantdean Member Posts: 520
    MrAgent wrote: »
    You just need to do it on one server. Once the metadata cleanup is done, the changes will replicate to the other DC. Just make sure you clean up your DNS servers is all.

    I worked at an agency that had several DCs tombstone because of bad (international) connection issues, so I have done this quite a few times.

    Yes you can do this during production, and it shouldnt take very long at all. Its just a series of commands youll run. Follow the instructions listed on the TechNet site.
    ok, thats great. thanks. i manually removed SOA etc from DNS, im assuming thats the only way to get rid of all that?
    · Share on FacebookShare on Twitter
  • MrAgentMrAgent Member Posts: 1,309 ■■■■■■■■□□
    And any other records. The link should have more information on removing everything from DNS.
    · Share on FacebookShare on Twitter
  • tdeantdean Member Posts: 520
    Doesnt seem to be working for me....

    ntdsutil: metadata cleanup
    metadata cleanup: remove selected server tcs-dbc
    Binding to localhost ...
    Connected to localhost using credentials of locally logged on user.
    LDAP error 0x22(34 (Invalid DN Syntax).
    Ldap extended error message is 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8350, best match of:
    'CN=Ntds Settings,tcs-dbc'
    Win32 error returned is 0x208f(The object name has bad syntax.)
    )
    Unable to determine the domain hosted by the DC (5). Please use the connection m
    enu to specify it.
    Disconnecting from localhost...
    metadata cleanup: connection
    server connections: connect to server tcs-dbc
    Binding to tcs-dbc ...
    DsBindW error 0x6ba(The RPC server is unavailable.)
    server connections: quit
    metadata cleanup: quit
    ntdsutil: quit
    icon_cry.gif
    · Share on FacebookShare on Twitter
  • undomielundomiel Member Posts: 2,818
    If tcs-dbc is the server you're trying to clean-up you won't be able to connect to it. You need to connect to one of your other DCs and then select the site, domain, and server tcs-dbc or whatever your failed server is. Then you can remove the failed server.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
    · Share on FacebookShare on Twitter
  • tdeantdean Member Posts: 520
    Got it!!!

    Thanks!
    · Share on FacebookShare on Twitter
Sign In or Register to comment.