Windows Thread, Corrupt Domain Controller in Technical; You will need to look at some NTDSUTIL guides to do the necessary clean up. Google something like
ntdsutil remove ...
5th December 2008, 04:13 PM #16
You will need to look at some NTDSUTIL guides to do the necessary clean up. Google something like
ntdsutil remove a dead dc
5th December 2008, 04:19 PM #17
No, I'm following this guide on the faulty server.
Originally Posted by FN-GM
How to remove data in Active Directory after an unsuccessful domain controller demotion
Should I follow these steps on a good DC to remove all entries to the failed DC?
When the faulty DC is removed from the network it's taking the clients ages to log on but only partially runs the GP - they get some settings but are getting access to the C drive.
5th December 2008, 04:23 PM #18
Yep, you want all references to that server gone from the domain.
Microsoft best practice then states that the server that's been removed would make a good paperweight, but should never be brought back onto the domain. If you are going to then make sure all traces are gone before doing so, a complete reformat and rebuild's your best bet.
5th December 2008, 04:23 PM #19
I don't think you are at risk. AD is pretty good at not replicating "bad" data - @gibbo's comments about changes made on this DC not replicating to other DCs tends to confirm this.
Originally Posted by ChrisH
Having said that, you might as well leave the machine disconnected. You can use dcpromo /forceremoval so that it will stop being a DC; you then just run ntdsutil - this is a good description of what to do.
5th December 2008, 04:38 PM #20
Thanks for all your help guys. I've manually removed the faulty DC from the domain with KB216498, and removed all entries in DNS and DHCP relating to it.
I've shut down and restarted a number of random client PCs around school and so far they've logged on ok - no delays and picking up the two "good" DCs.
The real test will be Monday morning when everyone logs on!
9th December 2008, 02:07 PM #21
use NTDS Util to manually remove DC form yr forest. Part of the SVR install. Once removed I would do a clean install and let yr DC update through replication. I'm assuming that all yr DC's have high speed link between them (1GBPS)
Use NTD Util to comfirm if all enteries for the corrput DC have been reomved, check yr svr locator records too.
By Blind in forum Windows
Last Post: 18th May 2008, 01:36 PM
By binky in forum Windows
Last Post: 3rd April 2008, 11:23 PM
By armadillo in forum Windows
Last Post: 31st August 2007, 10:00 AM
By Dos_Box in forum Windows
Last Post: 13th June 2007, 06:17 PM
By Oops_my_bad in forum Windows
Last Post: 19th April 2007, 06:54 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)