Dennis,
Thank you for your suggestion; your solution might work, except I am
concerned what will happen when I put the DC back in the original domain.
Consider the following scenario.
Take DC1 and put it on the test network.
Bring up DC2 on the test network.
When I put DC1 back on the production network, it will have a DC2 object as
a domain controller, and try to replicate that info to the other production
DCs.
I should be able to demote DC1, but what will the production network do with
the DC2 info?
The other problem is that the DC I need to remove from AD has
already been reformatted and repurposed, so I can't put it back in the
domain and demote it. I need to figure out how to manually cleanup AD. :-(
Paul Markette
NT Systems Administrator
Epicentric, Inc.
[EMAIL PROTECTED]
(415) 995-7228
-----Original Message-----
From: Dennis Depp [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 12, 2001 10:04 AM
To: NT 2000 Discussions
Subject: Re: Removing a DC from AD
Paul,
While this is not a solution to your direct problem, it may work. Bring up
a second DC in your test network. Move the problem DC back to the
production network, run dcpromo to demote the machine, remove the machine
from AD, move the machine back to the test network and run dcpromo again.
A bit of a kludge, but it might solve your problem.
Dennis Depp
Oak Ridge National Lab
At 09:31 AM 12/12/2001 -0800, Paul Markette wrote:
>Hello All,
> I thought it would be a really smart move to DCPromo a server,
then
>put it on a physically separate network so that I can have a copy of the
>production directory for testing. The problem is, since I didn't demote
the
>server before physically moving it, I can't get it out of AD. I followed
>Q216498, which describes "How to remove data in the active directory after
>an unsuccessful domain controller demotion", but I can't find anything
about
>how to forcibly demote the DC object. I used NTDSUTIL to remove the NTDS
>Settings object, deleted the server object in Sites and Services and
cleaned
>up DNS, but I still cannot delete the DC object in Users and Computers. I
>get the error "The DSA object cannot be deleted." The only article I can
>find on Micro$oft's site re: this message is Q216364, which covers the
issue
>where you cannot delete the DC object from Sites and Services, which
doesn't
>apply to me.
> The problem is that this is affecting replication. The other DC's
>are trying to replicate with the ghost DC and failing. Does anyone have
any
>info on how to completely remove a DC from AD? I would greatly appreciate
>any resources that you could point me to.
>
>Thank you,
>
>Paul Markette
>NT Systems Administrator
>Epicentric, Inc.
>[EMAIL PROTECTED]
>415-995-7228
>
>
>------
>You are subscribed as [EMAIL PROTECTED]
>Archives: http://www.swynk.com/sitesearch/search.asp
>To unsubscribe send a blank email to [EMAIL PROTECTED]
------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
------
You are subscribed as [email protected]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
