Rarely, a child domain is created in Active Directory and the DC in that domain later becomes unavailable. You are then left unable to contact the domain to remove either its objects or the domain itself.
- Remove all the DNS entries for the missing DCs and the child domain. Make sure you get the GUID entries too.
- Fire up ntdsutil and connect to the operations master:
ntdsutil: metadata cleanup
metadata cleanup:
metadata cleanup: connections
server connections:
server connections: connect to server yourdomain.local
Binding to london ...
Connected to london using credentials of locally logged on user
server connections:
server connections: quit
metadata cleanup:
metadata cleanup: select operation target
select operation target:
select operation target: list domains
Found 2 domain(s)
0 - DC=yourdomain,DC=local
1 - DC=child,DC=yourdomain,DC=local
select operation target:
select operation target: select domain 1
No current site
Domain - DC=child,DC=yourdomain,DC=local
No current server
No current Naming Context
select operation target:
select operation target: quit
metadata cleanup:
metadata cleanup: remove selected domain
You may find that you cannot delete the child because servers still exist.
In that case:
ntdsutil: metadata cleanup
metadata cleanup:
metadata cleanup: connections
server connections:
server connections: connect to server yourserver.yourdomain.local
Binding to london ...
Connected to yourserver using credentials of locally logged on user
server connections:
server connections: quit
metadata cleanup:
metadata cleanup: select operation target
select operation target:
select operation target: list sites
Found 1 site(s)
0 - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=yourdomain,DC=local
select operation target:
select operation target: select site 0
Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=yourdomain,DC=local
No current domain
No current server
No current Naming Context
select operation target:
select operation target: list servers in site
Found 1 server(s)
0 - CN=rogueserver,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=yourdomain,DC=local
select operation target: select server 0
You should then be able to back out (quit) and remove the server (remove selected server). If you get a warning about a domain not being selected, list the domains (list domains) and select the right one (select domain x).
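To confirm the cleanup actually took, the following read-only check looks for references to the child domain that the steps above are meant to remove. It is an added example, not part of the original post; it assumes the RSAT ActiveDirectory and DnsClient modules, and that the child domain's DNS name is child.yourdomain.local (the post only shows its distinguished name).

```powershell
# Added example: read-only audit for leftovers of a removed child domain.
# Assumptions: RSAT ActiveDirectory + DnsClient modules; run from the parent domain.
Import-Module ActiveDirectory

$ChildDn  = 'DC=child,DC=yourdomain,DC=local'   # child domain as listed by ntdsutil
$ChildDns = 'child.yourdomain.local'            # assumed DNS name of that domain

$configNc = (Get-ADRootDSE).configurationNamingContext
$findings = @()

# 1. crossRef objects in CN=Partitions that still point at the child naming context
$findings += Get-ADObject -SearchBase "CN=Partitions,$configNc" `
        -LDAPFilter '(objectClass=crossRef)' -Properties nCName |
    Where-Object { $_.nCName -eq $ChildDn } |
    ForEach-Object { [pscustomobject]@{ Kind = 'crossRef'; Item = $_.DistinguishedName } }

# 2. server objects under CN=Sites whose host name belongs to the child domain
$findings += Get-ADObject -SearchBase "CN=Sites,$configNc" `
        -LDAPFilter '(objectClass=server)' -Properties dNSHostName |
    Where-Object { $_.dNSHostName -like "*.$ChildDns" } |
    ForEach-Object { [pscustomobject]@{ Kind = 'server'; Item = $_.DistinguishedName } }

# 3. Trust objects in the parent domain that still name the child
$findings += Get-ADTrust -Filter "Name -eq '$ChildDns'" |
    ForEach-Object { [pscustomobject]@{ Kind = 'trust'; Item = $_.DistinguishedName } }

# 4. DNS: DC locator SRV records still published for the child domain
$findings += Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$ChildDns" -Type SRV `
        -ErrorAction SilentlyContinue |
    Where-Object { $_.Section -eq 'Answer' } |
    ForEach-Object { [pscustomobject]@{ Kind = 'dns-srv'; Item = $_.NameTarget } }

if ($findings) {
    # Anything listed here is a stale reference that still needs removing
    $findings | Format-Table -AutoSize
} else {
    Write-Output "No remaining references to $ChildDns found."
}
```

The DNS check only covers the locator SRV record; the GUID entries under _msdcs mentioned in the first step still need to be reviewed in the DNS console.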