• Home
  • About Me …
  • Disclaimer

IgNiTeD SoUL

The Technical Information Hub
Stay updated via RSS

  • Logo

  • Categories

  • Tagz

    .net 32 bit MMC 64 Bit MMC Active Directory Active Directory Roles Backup Bios Bitlocker CMD Ctrl c Truths DHCP Distribution Groups DNS Domain Controller Drivers Ebooks EF encrypted files ESX Exchange Server Failover Clustering Firewall FSMO Roles Global Catalog Group Policy Management Hard Disk Hyper-V Info Intersite Replication Intrasite Replication Ip Address Jobs kerberos Keyboard Shortcut Keys and Values Logon Issues Logon Script Maintenance MMC Networking Outlook Performance Tweak Printers Recovery Recycle Bin Registry Remote Procedure Call Replication Restore Point Robocopy Scheduled tasks search Security Server Server 2003 Server 2008 Startup System State System State Backup SysVol Task Manager Task Scheduler technology Theme Torrent Tricks Virtual Machine Backup Vista VM VMWare vpn Wi-Fi Windows 7 Workstation XP
  • Search

  • Ignited Calendar

    September 2012
    M T W T F S S
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    « Aug   Oct »
  • Archives

    • March 2015 (1)
    • January 2014 (2)
    • December 2013 (1)
    • July 2013 (2)
    • June 2013 (1)
    • February 2013 (6)
    • January 2013 (3)
    • November 2012 (1)
    • October 2012 (3)
    • September 2012 (9)
    • August 2012 (8)
    • July 2012 (4)
    • June 2012 (1)
    • April 2012 (4)
    • January 2012 (5)
    • December 2011 (1)
    • November 2011 (2)
    • October 2011 (2)
    • August 2011 (8)
    • July 2011 (7)
    • June 2011 (15)
    • May 2011 (1)
    • April 2011 (4)
    • March 2011 (11)
    • January 2011 (4)
    • October 2010 (2)
    • September 2010 (13)
    • July 2010 (2)
    • June 2010 (9)
    • May 2010 (31)
    • April 2010 (7)
    • March 2010 (46)
    • January 2010 (30)
    • November 2009 (4)
    • October 2009 (23)
    • September 2009 (5)
    • August 2009 (137)
  • Recent Comments

    jmmelkon on Robocopy ERROR 5 (0x00000005)…
    Jake on AGDLP (Accounts, Global groups…
    ShineOn on Robocopy ERROR 5 (0x00000005)…
    Lauren on Creating a Reverse Lookup Zone…
    thejas on Robocopy ERROR 5 (0x00000005)…
  • Recent Posts

    • WMI Corrupt: How to re-install /repair
    • This source server failed to generate the changes
    • 2013 in review
    • ROBOCOPY in Detail
    • The version store has reached its maximum size because of unresponsive transaction
  • Author: Ravindra Kulkarni

    • Ravindra Kulkarni
  • Contact Info

    Akshaya Nagar, Bannerghatta Road, Bangalore
    On Request
    Available on Weekends Only.
  • FB

    FB
  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 172 other subscribers
  • Blogroll

    • Madeira Consultancy
    • Purple Carrot INC
    • Server Cafe
    • WordPress.com
    • WordPress.org
  • Pages

    • About Me …
    • Disclaimer
  • Top Rated

  • Blog Stats

    • 241,090 hits
  • RSS Ignited RSS

    • WMI Corrupt: How to re-install /repair
      How to verify if the WMI is working fine on the Server? ANS: Open Command prompt in Administrator mode and run the below command: winmgmt /verifyrepository If the WMI is working fine, then you get message as WMI is consistent, or else you get the error code. Below is the link for the Error code […]
    • This source server failed to generate the changes
      Alert: This source server failed to generate the changes Description: This directory service failed to retrieve the changes requested for the following directory partition. As a result, it was unable to send change requests to the directory service at the following network address. Event ID: 1479 Active Directory Domain Services could not update the followin […]
    • 2013 in review
      The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog. Here’s an excerpt: The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 21,000 times in 2013. If it were a concert at Sydney Opera House, it would take about 8 sold-out performances for that many […]
    • ROBOCOPY in Detail
      Robust File and Folder Copy. By default Robocopy will only copy a file if the source and destination have different time stamps or different file sizes.   Syntax ROBOCOPY Source_folder Destination_folder [files_to_copy] [options]   Key file(s)_to_copy : A list of files or a wildcard. (defaults to copying *.*)     Source options /S : Copy […]
    • The version store has reached its maximum size because of unresponsive transaction
        This Alert occurs in 2008 R2 Servers —————————————————————————— Alert: Active Directory cannot update object due to insufficient memory Last modified by: System Last modified time: 7/18/2013 1:02:10 PM Alert description: Active Directory Domain Services could not update the following object in the local Active Directory Domain Services database with change […]
    • Keyset does not exist (Error 0x80090016)
      Issue: This kind of issue is basically related to Task Scheduler, Normally you observe that the Tasks are not running as scheduled, when you try to check the properties of task, you get this error. When you click “Ok”, you get the Properties of the task, but nothing works even though you make the changes. […]
    • Troubleshooting Group Policy application
      Summary:  Group Policy application seems straightforward enough: Group Policy Objects (GPOs) are linked to organizational units (OUs); users and computers are in OUs. All the GPOs from a user’s OU hierarchy filter down to the user. Things get more complicated, though, when you remember that GPOs can be linked to a domain and to sites—meaning […]
    • How does Active Directory enable Centralized Administration?
        Active Directory contains information about all objects and their attributes. The attributes hold data that describes the resource that the directory object identifies. Because information about all network resources is stored in Active Directory, a single administrator can centrally manage and administer network resources. Active Directory can be queried […]
    • The FSMO Role Owner Attribute
      The FSMO role owners are stored in Active Directory in different locations depending on the role. The DN of the server holding the role is actually stored as the FSMO Role Owner attribute of various objects. For the Ignitedsoul.com domain, here are the containers that hold that attribute in the following order: PDC Role Owner, […]
    • Issues with Remote Desktop Connection
      Issue: –          The Remote connection gets established but gets disconnected moments before you get the Desktop. Symptoms: –          You are able to Ping the Server –          The Server seems to be fine when checked in Console. –          All the RDP Services seems to be fine. –          When trying to take Remote connection, the connection gets […] […]
  • Visits

    Locations of visitors to this page
  • My Cafe in Goa

    My Cafe in Goa
  • Email the Author

    Ravindra.Kulkarni@IgnitedSoul.com
  • Internet Stats

    Rating for ignitedsoul.com
  • Qcast

  • MCITP

Metadata Cleanup of Domain Controllers

Posted: September 13, 2012 in Active Directory, Domain Controller, Server, Server 2003, Server 2008
Tags: Active Directory, Demote, Demoting, Metadata Cleanup, ntdsutil, Server, Server 2003, Server 2008
0

Metadata Cleanup of Domain Controllers

 

Note: You must try the below steps only when the Graceful demoting of the server fails from “DCPROMO”

Note: You may get a error while demoting if you have a forest with 2003 and 2008 mixed Domain Controllers.

          : Some of the errors will be like: LDAP Error 0x32<50<Insufficient rights> or: Win32 error returned is 0x5<Access is Denied>

          : There is a easy steps to demote if you have the error. (Will be posting it soon)

Scenario:

–          Server1 should be demoted from XYZ Domain.

–          ABC.XYZ.com is the primary Domain Controller in the Domain.

–          We have total of 3 sites in the whole network, Site1, Site2 & Site3

–          The plan is to Demote Server1 hosted in Site3

–          Login to any of the Domain Controllers and follow the below steps

Note: Words marked in BLUE are the entries which should be input by you.

Open the Command Prompt from the server and run the below commands:

C:\>ntdsutil

ntdsutil: metadata cleanup

metadata cleanup: connections

server connections: connect to server ABC

Binding to ABC …

Connected to ABC using credentials of locally logged on user.

server connections: quit

metadata cleanup: select operation target

select operation target: list domain

Found 1 domain(s)

0 – DC=XYZ,DC=com

select operation target: select domain 0

No current site

Domain – DC=XYZ,DC=com

No current server

No current Naming Context

select operation target: list sites

Found 3 site(s)

0 – CN=Site1,CN=Sites,CN=Configuration,DC=XYZ,DC=com

1 – CN=Site2,CN=Sites,CN=Configuration,DC=XYZ,DC=com

2 – CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

select operation target: select site 3

Site – CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

Domain – DC=XYZ,DC=com

No current server

No current Naming Context

select operation target: list servers in site

Found 2 server(s)

0 – CN=Server1,CN=Servers,CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

1 – CN=Server2,CN=Servers,CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

select operation target: select server 0

Site – CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

Domain – DC=XYZ,DC=com

Server – CN=Server1,CN=Servers,CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

DSA object – CN=NTDS Settings,CN=Server1,CN=Servers,CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com

DNS host name – Server1.XYZ.com

Computer object – CN=Server1, OU=Domain Controllers,DC=XYZ,DC=com

No current Naming Context

select operation target: quit

metadata cleanup: remove selected server

Transferring / Seizing FSMO roles off the selected server.

Removing FRS metadata for the selected server.

Searching for FRS members under “CN=Server1, OU=Domain Controllers,DC=XYZ,DC=com”.

Removing FRS member “CN=Server1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=XYZ,DC=com”.

Deleting subtree under “CN=Server1,CN=Domain System Volume (SYSVOL share),CN=File

Replication Service,CN=System,DC=XYZ,DC=com”.

Deleting subtree under “CN=Server1, OU=Domain Controllers,DC=XYZ,DC=com”.

The attempt to remove the FRS settings on CN=Server1,CN=Servers,CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com failed because “Element not found.”;

metadata cleanup is continuing.

“CN=Server1,CN=Servers,CN=Site3,CN=Sites,CN=Configuration,DC=XYZ,DC=com” removed from server “ABC”

metadata cleanup: quit

ntdsutil: quit

Disconnecting from ABC…

Now you should be able to see “ntdsutil” missing from the Active Directory Sites and Services from the particular Site.

12.971606 77.594376
Advertisement

Rate this:

Share this:

  • Facebook
  • Twitter
  • LinkedIn
  • Reddit
  • Email
  • Print

Like this:

Like Loading...

Related

Leave a Reply Cancel reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. ( Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. ( Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. ( Log Out /  Change )

Cancel

Connecting to %s

Procedure to Restore the System State Backup
Cannot login to Domain Controllers / Issue to login into Domain Controllers

  • Calendar

    September 2012
    M T W T F S S
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    « Aug   Oct »
  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 172 other subscribers
  • Blogroll

    • Madeira Consultancy
    • Purple Carrot INC
    • Server Cafe
    • WordPress.com
    • WordPress.org
Create a free website or blog at WordPress.com.
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
  • Follow Following
    • IgNiTeD SoUL
    • Join 30 other followers
    • Already have a WordPress.com account? Log in now.
    • IgNiTeD SoUL
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Copy shortlink
    • Report this content
    • View post in Reader
    • Manage subscriptions
    • Collapse this bar
%d bloggers like this: