I think you should be good to go, but if you want more assurance, you might wish to ask this question over on the activedir.org mailing list. There are a fair number of AD heavyweights there.
Kurt On Wed, Jan 20, 2016 at 8:14 PM, No One <[email protected]> wrote: > Hello all! > > leaving aside hateful thoughts directed at windows, please consider the > following situation: > > · GIVENS: > o I have a client with multiple locations. The client runs windows > active directory. Each location has an ADS controller. > o Client sold one part of its biz, SUB A. SUB A's IT components are > largely contained in its location. SUB A, at its location, has a > combination file server/AD server (SUBA-FS1). > o the new owner of SUB A has elected to keep this file server. > o SUBA-FS1 is running win2k8r2 > o SUBA-FS1 is a vm running on a vmware 5.0 server (SUBA-ESX1). > o There are no vmware or vss snapshots. > o The new owner won’t be getting a backup of SUBA-FS1. > o SUBA-ESX1 has been used as a staging area for DR testing (restoring > other VMS). > § It has one data store. > § These vms have been removed. > § I have added virtual disks to SUBA-FS1 that are the same size as the > total free space and run sysinternals sdelete against the disks, which > effectively overwrote all the free space in vmfs. > · QUESTION: > o can I safely give this server to the new owner? > o If so how? > · MY THOUGHTS > o When I demote the server from domain controller to member server, > windows removes active directory info from the machine. > o I think that this process wipes the data (deletes it and zeroes out the > files and folder so that undelete is not possible) from the disk. > o I think that even if the process does not wipe the data, if the folder > that contains the active directory data is gone and I run “sdelete –p 5 –c > c:” (from sysinternals), then the data will be gone. > > If there is no secure way to do this, what is the best I can do? > > I think I am on the right track but I have been doing this long enough to > realize that I could be missing something. > > i am happy to answer follow up questions. > > Thanks in advance. > > > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
