I didn't get the drift he had a multidomain forest. If he does, and he doesn't have a forest root DC then he's SOL and will have to ADMT to a new domain/forest.
Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:ActiveDir- > [EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CC/DNA) [E] > Sent: Monday, March 06, 2006 8:37 PM > To: [email protected]; [email protected] > Subject: RE: [ActiveDir] There must be an easier way... > > Brian, > > I never did this, but I guess I should try it.... if one domain tree > established the forest, another domain tree is added, but then the initial > tree is removed.... won't that cause problems for the other domain tree, > even if they clean up the forest and seize the FSMO roles. The schema and > configuration containers will reflect the naming context of the root > forest. Also that is where the enterprise roles will exist. I think the > only thing the non-root can do is reinstall the Forest, while the forest > root can just do the clean-up. > > Todd Myrick > > ________________________________ > > From: Brian Desmond [mailto:[EMAIL PROTECTED] > Sent: Mon 3/6/2006 7:47 PM > To: [email protected] > Subject: RE: [ActiveDir] There must be an easier way... > > > > Larry- > > Just follow the steps and remove the two DCs that were offsite. Wait for > replication internally and delete the site/subnet. All done. > > I suggest you reset all passwords for sensitive accounts or even better > expire every password in the domain. Your client can obtain these if > they're industrious and it sounds like you left on a bad note. > > Thanks, > Brian Desmond > [EMAIL PROTECTED] > > c - 312.731.3132 > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:ActiveDir- > > [EMAIL PROTECTED] On Behalf Of Larry Wahlers > > Sent: Monday, March 06, 2006 7:17 PM > > To: [email protected] > > Subject: [ActiveDir] There must be an easier way... > > > > Hello, colleagues, > > > > A client that we had set up as a site within our domain with its own > > pair of DC's has decided to break off from us, get their own ISP, and > > cut the network cable between us. In fact, they've done that last > > weekend. Now, the Directory Service event log on one of our DC's is > > spewing out 21 warning and error messages every 15 minutes, all > related > > to the fact that there are no available DC's in that site. > > > > Doing a Google search, I found this article > > http://support.microsoft.com/?kbid=216498 which describes at least 20 > > steps that must be taken to remove a DC following an unsuccessful DC > > demotion. Which, I suppose, is what I would have done had I had the > > opportunity to demote the DC's before this client cut the line. The > > article also has this warning: > > > > "Caution The administrator must also make sure that replication has > > occurred since the demotion before manually removing the NTDS Settings > > object for any server. Using the Ntdsutil utility incorrectly may > result > > in partial or complete loss of Active Directory functionality." > > > > Being a relative newbie to Active Directory management (but, just > > emerging from a pair of classes), I have to ask if there is an easier > > way to do this? We have about 800 users and 4 corporations on this > wire, > > and they might get a bit testy if their computers stopped working all > of > > a sudden! > > > > -- > > Larry Wahlers > > Concordia Technologies > > The Lutheran Church - Missouri Synod > > mailto:[EMAIL PROTECTED] > > direct office line: (314) 996-1876 > > List info : http://www.activedir.org/List.aspx > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
