Re: [ActiveDir] Remove Defunct domains..

[HBooGz]

Hey Guys -

It's really an OLD NT 4.0 domain that was migrated over to 2k and just recently upgraded to 2003 R2. I'm sure i'd have to probably cleanup the metadata, etc.

but anyway to curb the creation of these rogue workgroups ? if i can't curb, how i can succesfully remove or be alerted ?

alerting sounds advantageous...

On 8/3/06, [EMAIL PROTECTED] < [EMAIL PROTECTED]> wrote:

... or load up "browmon". it's been a while since I used that, so pls, no questions :)

 

 

neil

---

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Paul Williams
Sent: 03 August 2006 14:17

To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Remove Defunct domains..

See kb216498 for the info. on the NTDSUTIL cleanup.  Basically you need to perform a metadata, DNS and FRS cleanup.  ThatKB details all the necessary steps.

 

You'd determine the IP address of the workgroup by the 1B and 1C records registered for that name.

 

The domain master browser is performed by the PDCe.  A master browser is also elected on a per-subnet basis.  Check out the Win2k RK book - TCP/IP core networking guide for more info.  There's an appendix on the browser service.

 

 

--Paul

 

 

----- Original Message -----

From: HBooGz

To: ActiveDir@mail.activedir.org

Sent: Thursday, August 03, 2006 1:33 PM

Subject: Re: [ActiveDir] Remove Defunct domains..

Thanks Neil -

How would one determine the IP of the members of a particular workgroup ?

RE: NTDSUTIL - just do a search, that matches the whole string, for the domain name ? and remove accordingly ?

On 8/3/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:

Look for 1b and 1c records in WINS for the defunct domain. Remove them and wait for WINS replication.

 

You should also use ntdsutil and remove the redundant AD objects too.

 

You can never stop ppl creating new workgroups - you should be able to determine the IP address of their members however and then track back to individual machines / users.

 

 

neil

---

From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of HBooGz

Sent: 03 August 2006 03:04

To: ActiveDir@mail.activedir.org

Subject: Re: [ActiveDir] Remove Defunct domains..

hey guys -

 

 

Yes, i'm using wins.

 

Yes, they are appearing outside of network neighborhood.

 

what exactly would i examine (node type) that would help me pinpoint where these are appearing ? and how to get rid of it ?

 

definitely appears to be a browsing issue ?

 

how can i force who is the "master browser" for the domain ? all workstations are windows 2000 and windows xp

 

 

i'm also seeing workgroups that should have never been created and i'm now policing against -- any way to rid myself of this or detect where they are being generated ?

 

Thanks
 

On 8/2/06, Ayers, Diane <[EMAIL PROTECTED]> wrote:

<dusting off old NT 4.0 sectors> 

 

Check your WINS database if you are using WINS.  Part of the browsing data comes from WINS and the database will tell you where those records are coming from.  You can address  it via the hosts if it's coming from there or clean up your WINS db.

 

Diane

---

From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Brian Desmond
Sent: Wednesday, August 02, 2006 3:10 PM

To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Remove Defunct domains..

 

That's a browser function not something in AD. There's probably still computers joined to those domains (even though they don't exist) or computers in workgroups with the same names…

 

Thanks,

Brian Desmond

[EMAIL PROTECTED]

 

c - 312.731.3132

 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of WATSON, BEN
Sent: Wednesday, August 02, 2006 5:05 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Remove Defunct domains..

 

You can remove the orphaned domains through NTDSUTIL.  Doing a metadata cleanup.

 

---

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of HBooGz
Sent: Wednesday, August 02, 2006 2:46 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Remove Defunct domains..

 

Whenever i browse Network Neighborhood or view the list of availble networks, there are a few domains that appear that shouldn't. Is there a way to remove these domain/domain entries manually ?

ADSI edit ?



--
HBooGz:\>

--
HBooGz:\>

PLEASE READ: The information contained in this email is confidential and

intended for the named recipient(s) only. If you are not an intended

recipient of this email please notify the sender immediately and delete your

copy from your system. You must not copy, distribute or take any further

action in reliance on it. Email is not a secure method of communication and

Nomura International plc ('NIplc') will not, to the extent permitted by law,

accept responsibility or liability for (a) the accuracy or completeness of,

or (b) the presence of any virus, worm or similar malicious or disabling

code in, this message or any attachment(s) to it. If verification of this

email is sought then please request a hard copy. Unless otherwise stated

this email: (1) is not, and should not be treated or relied upon as,

investment research; (2) contains views or opinions that are solely those of

the author and do not necessarily represent those of NIplc; (3) is intended

for informational purposes only and is not a recommendation, solicitation or

offer to buy or sell securities or related financial instruments. NIplc

does not provide investment services to private customers. Authorised and

regulated by the Financial Services Authority. Registered in England

no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand,

London, EC1A 4NP. A member of the Nomura group of companies.

--
HBooGz:\>

PLEASE READ: The information contained in this email is confidential and

intended for the named recipient(s) only. If you are not an intended

recipient of this email please notify the sender immediately and delete your

copy from your system. You must not copy, distribute or take any further

action in reliance on it. Email is not a secure method of communication and

Nomura International plc ('NIplc') will not, to the extent permitted by law,

accept responsibility or liability for (a) the accuracy or completeness of,

or (b) the presence of any virus, worm or similar malicious or disabling

code in, this message or any attachment(s) to it. If verification of this

email is sought then please request a hard copy. Unless otherwise stated

this email: (1) is not, and should not be treated or relied upon as,

investment research; (2) contains views or opinions that are solely those of

the author and do not necessarily represent those of NIplc; (3) is intended

for informational purposes only and is not a recommendation, solicitation or

offer to buy or sell securities or related financial instruments. NIplc

does not provide investment services to private customers. Authorised and

regulated by the Financial Services Authority. Registered in England

no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand,

London, EC1A 4NP. A member of the Nomura group of companies.

--
HBooGz:\>