As Joe already said there must be some break in the replication and try to fix that FIRST! See if one or more or all GCs are experiencing the problem. See that all GCs have an inbound replication partner that has that particular naming context (readable being another GC or writable being the DC of the domain) . If the GC is missing a replication partner for a certain naming context they're complaining about that in the event viewer (don't know exactly what the event id is)
If replication seems to be OK, AND ONLY IF, there is a way to do a complete rebuild for a certain naming context on a GC. This simply throughs away the current naming context and rebuilds it from another replication partner by replicating it in. That replication partner MUST have a healthy naming context contents for that particular AD domain Cheers, Jorge -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: woensdag 16 februari 2005 3:08 To: [email protected] Subject: RE: [ActiveDir] Remove orphaned account You need to figure out where the break is. Look at the GC that you expect it at and chase back through the replication connections to determine how the change should get there from the domain. There has to be a break somewhere. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 5:07 PM To: [email protected]; joe Subject: RE: [ActiveDir] Remove orphaned account This has been since last week. (about 5 days). Is there anyway to force the delete to the other GC's? -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, February 15, 2005 4:51 PM To: [email protected] Subject: RE: [ActiveDir] Remove orphaned account How long ago was this account deleted? If it has been longer than the tombstone period, you have a lingering object and you need to start worrying about what other bad things are going on. If it has been recently, you need to chase your replication and determine where the update stopped at. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 4:36 PM To: [email protected]; joe Subject: RE: [ActiveDir] Remove orphaned account That's exactly the case, except its not in the child domain (child1.domain.com) but it exists everywhere else, (domain.com, child2.domain.com, child3.domain.com) When I try the admod command, it tries to contact the child domain (child1.domain.com) that is the owner of the account, but does not find it there. Some how, it seems that the deletion did not replication to all other GC's in the forest. -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, February 15, 2005 4:26 PM To: [email protected] Subject: RE: [ActiveDir] Remove orphaned account That means your default GC has the object in its database but your default DC for that domain doesn't see it. You can tell which DCs are involved by doing this adfind -gc -b -s base dnshostname adfind -h domain.com -b -s base dnshostname If the object is in your default domain you can shorten the second command to adfind -b -s base dnshostname joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 4:13 PM To: joe; [email protected] Subject: RE: [ActiveDir] Remove orphaned account When I try to remove the object, I get this: C:\> Adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | admod -del AdMod V01.00.00cpp Joe Richards ([EMAIL PROTECTED]) July 2004 DN Count: 1 Using server: server.domain.com Deleting specified objects... DN: cn=doe\, john,cn=users,dc=domain,dc=com...: [server.domain .com] Error 0x20 (32) - No Such Object ERROR: Too many errors encountered, terminating... The command did not complete successfully -----Original Message----- From: joe [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 15, 2005 3:55 PM To: [email protected] Cc: Harding, Devon Subject: RE: [ActiveDir] Remove orphaned account <Resend and Update, list blocked because I responded from wrong account> Almost, -del or -rm would delete the entire user object... But you need to use -dsq on adfind to output the quoted DN. adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | admod -del Also if you want to just remove that address you could do adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | admod "proxyaddresses:-:smtp:[EMAIL PROTECTED]" Note that if that address is the primary SMTP Exchange may get grumpy if you don't set another address as primary. [UPDATE} Looking at Hunters Response, he makes sense. Instead of deleting the object or the attribute, consider clearing the Exchange attributes. adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | exchmbx -clear joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 3:35 PM To: [email protected] Cc: joe Subject: RE: [ActiveDir] Remove orphaned account Ok, now I'm getting somewhere. Correct me if I'm wrong. Would this be the correct command to find and remove that account that the SMTP address is associated with? Adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" | admod -del -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 3:26 PM To: [email protected] Subject: RE: [ActiveDir] Remove orphaned account Ok, I found the address using adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]", but now how do I remove it from AD? -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 3:21 PM To: [email protected] Subject: RE: [ActiveDir] Remove orphaned account About 10mins. When I do a normal AD search for that SMTP address, it does not return any results. That adfind command didn't find any results either. -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter Sent: Tuesday, February 15, 2005 3:12 PM To: [email protected] Subject: RE: [ActiveDir] Remove orphaned account How quickly did you try to reuse that SMTP address? I've seen that when I delete a mailbox or contact and immediately try to apply the address to another object. Might be worth verifying that the address is gone: Adfind -gc -b dc=domain,dc=com -s subtree -f "proxyaddresses=*youraddress*" name -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 12:52 PM To: [email protected] Subject: [ActiveDir] Remove orphaned account I have a user account that I deleted in AD. When I try to add another user with that same SMTP address, it stated that the address already exists. When I do a search for that address in AD, I get no results. How can I remove this SMTP address from AD? Devon Harding Windows Systems Engineer Southern Wine & Spirits - GSD 954-602-2469 List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
