NTDSUTIL: metadata cleanup

Removal of Failed DomainController in Windows server 2003 environment using NTDSUTIL
– First take failed DC offline.
– Steps are, connect to a healthy DC, list, select, and remove failed DC.
– From a domain computer (Windows 7 Pro) in cmd prompt.
– Required DomainAdmin or EnterpriseAdmin account.

Note: related article on New Credentials

ntdsutil: metadata cleanup
metadata cleaup: connections
server connections: connect to server healthy-dc1
Binding to healthy-dc1 …
Connected to healthy-dc1 using credentials of locally logged on user.
server connections: quit
metadata cleanup: select operation target
select operation target: list domain
Found 1 domain(s)
0 – DC=DomanName,DC=com
select operation target: select domain 0
No current site
Domain – DC=DomanName,DC=com
No current server
No current Naming Context
select operation target: list sites
Found 1 site(s)
0 – CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
select operation target: select site 0
Site – CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
Domain – DC=DomanName,DC=com
No current server
No current Naming Context
select operation target: list servers in site
Found 6 server(s)
0 – CN=FAILED-DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
1 – CN=FAILED-DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
2 – CN=HEALTHY-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
3 – CN=HEALTHY-DC5,CN=Servers,CN=Default-First-Site-NameName,CN=Sites,CN=Configuration,DC=DomanName,DC=com
4 – CN=HEALHTY-DC6,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
5 – CN=HEALTHY-DC7,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
select operation target: select server 0 (FAILED DC)
Site – CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
Domain – DC=DomanName,DC=com
Server – CN=FAILED-DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DomanName,DC=com
DSA object – CN=NTDS Settings,CN=FAILED-DC3,CN=Servers,CN=Default-First-Site-Name,CN=sites,CN=
DNS host name – FAILED-DC3.DomanName.com
Computer object – CN=FAILED-DC3,OU=Domain Controllers,DC=DomanName,DC=com
No Current Naming Context
select operation target: quit
metadata cleanup: remove selected server
-> server remove confirmation dialog <-
Are you sure you want to remove the server object
“DC=DomanName,DC=com”?  This is not the last server for domain
Warning:The server in question should already be off-line permanently and never return
to service. If it comes back on-line, the server object will be revived.

Transferring / Seizing FSMO roles off the selected server.
Removing FRS metadata for the selected server.
Searching for FRS members under “CN=FAILED-DC3,OU=Domain Controllers,DC=DomanName,DC=com”.

Removing FRS member “CN=FAILED-DC3,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=DomanName,DC=com”.
Deleting subtree under “CN=FAILED-DC3,OU=Domain Controllers,DC=DomanName,DC=com”.

The attempt to remove the FRS settings on CN=FAILED-DC3,CN=Servers,CN=Default-First-Site-Name,CN=sites,
CN=Configuration,DC=DomanName,DC=com failed because “Element not found.”;
metadata cleanup is continuing…
“CN=FAILED-DC3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,”DC=DomanName,DC=com” removed from server “healthy-dc1
metadata cleanup: quit

Test Replication: Show replication from inbound neighbors by running this command repadmin /showrepl


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s