Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Just found a non-existent DC

Status
Not open for further replies.
JBruyet

JBruyet

IS-IT--Management
Apr 6, 2001
1,200
US
Hey all,

I was just going though some sniffed network traffic (I recently downloaded Ethereal) and one of my DCs is looking for a DC called NT_Two. This was an NT server that was removed from service 18 months ago. I checked in Domain Controllers on the DC doing the looking and NT_Two is listed as a DC. Since this was an NT PDC can I just delete the account out of Domain Controllers? ...I just now remembered that this computer wanted to be a PDC even though I had 2k DCs up and running. I was under the impression that once a Win2k DC was up and running the NT PDC would move back down to BDC. Should I build an NT server and name it NT_Two and try to get this taken care of? If so, any ideas on how to do it so it really does get removed from the network this time?

Thanks,

Joe Brouillette
 
Sort by date Sort by votes
Joe,

Building another machine and naming it the same won't resolve the problem because of the issue that the names are there for us 'stupid humans'. Either GUID or SID is the identifier. The job is to remove the SID of the old NT machine from wherever it is.

Likely, you will have to fire up ADSIEdit and look in the Domain NC and the Configurtion. Poke around a bit, as I suspect it's going to be there - just not 100% sure where.

BTW - Windows 2000 will not be able to 'enforce' a demotion of a PDC to a BDC. That would have to be done manually from Server Manager on an NT system.

Hope this helps...



Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone -
 
Upvote 0 Downvote
Yeah I would just try to delete it rather then build yourself a new server etc...

Try deleting in the Domain Controllers section of the Active Directory Computers and Users MMC if its listed, or if not, use the adsiedit/ntdsutil to kill off the entry in the active directory...


... are all pages that have helped me clean up my active directory of no longer existent domain controllers in the past....

Hope it helps!

Steve.
 
Upvote 0 Downvote
Thanks Rick,

ADSIEdit did the job!

Joe
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

andyferris
  • Locked
  • Question
DC Event logs auditing cannot be set by GPO
Replies
1
Views
340
RRankin355
RRankin355
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
810
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
1K
gbaughma
gbaughma
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
601
DTGMI
DTGMI
maybeimaleo
  • Locked
  • Question
Is There a Best Windows OS to Upgrade a CA Server to?
Replies
5
Views
425
maybeimaleo
maybeimaleo

Part and Inventory Search

Sponsor

Back
Top