Got a bit of an emergency. We run a Win2000 domain (yes, we realize
it's not supported any longer; that's why we were planing on upgrading
it to Win2003 this weekend ...)
Anyway, this morning, we saw something strange. One of my DCs -
ADMNWDC003 - seems to have been renamed in AD to ADMNWDC003TEMP. Turns
out, the new guy was making a new DC for one of our other sites, and
inadvertently called this new DC he was building the existing name of
ADMNWDC003. He tried to rename the computer account, but the damage
was done.
It shows up in AD U&C, Domain Controllers as "ADMNWDC003TEMP". The
actual computer, however, still has the name of ADMNWDC003. Sites and
Services still lists it as ADMNWDC003. So what I've got are entries
for a DC that now longer has a valid computer account ...
So now we're more than slightly stuck in it. :-(
I can't DCPROMO the physical computer back down from not being a DC,
since there's no corresponding computer account. Luckily, it holds no
FSMO roles.
Here's what we think we should do -
Power down ADMNWDC003.
Delete the ADMNWDC003TEMP computer account in AD U&C.
Use ADSIEDIT to remove the ADMNWDC003 entries, *and* ADMNWDC003TEMP
entries, as per KB 555846 ("How to remove completely orphaned Domain
Controller").
Then clean up AD , by using KB 216498 ("How to remove data in AD after
an unsuccessful domain controller demotion").
Any and every help greatly appreciated. Will this work? I want to fix
my AD, so we can upgrade to a supported version ASAP.
Thanks
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
