How to removing forcibly child domain in win2003 Active Dir
18 years 1 week ago #18070
by jayveshne
Hi people!
I would really appreciate it if anyone helps me.
I have a domain called "master.com" with 3 domain controllers (1 PDC and 2 additional). Recently I added a child domain called "Child.com" to the master.com domain (i.e. Child.master.com).
Due to an unfortunate reason I had to format "Child.com"'s only domain controller without proper demotion.
Now there is no Child.com controller in the network, but my Active Directory is still holding the "Child.com" entry.
My question is how to get rid of these obsolete entries or revert back to only a single Master.com domain in the network.
Thanks a lot for your answers
18 years 1 week ago #18077
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: How to removing forcibly child domain in win2003 Active Dir
Hi there,
Firstly, you will need to tidy the Directory up using the NTDSUTIL. This document should take you through the process: support.microsoft.com/kb/216498/en-us
Secondly, you will need to ensure that the DNS records are removed. Make sure you remember the GUID references in DNS also.
Cheers
Wayne
18 years 1 week ago #18080
by jaiwardhan
Replied by jaiwardhan on topic Re: How to removing forcibly child domain in win2003 Active Dir
Yup, Smurf is right: you will need to follow the KB article to clear out the metadata of the crashed server.
Besides following the article 216498 you will also need to follow this article for removing the domain completely.
How To Remove Orphaned Domains from Active Directory - support.microsoft.com/kb/230306
Though the article looks overwhelming, it's quite easy to follow. Hope this helps.
18 years 5 days ago #18122
by Smurf
Replied by Smurf on topic Re: How to removing forcibly child domain in win2003 Active Dir
Hi PPl
The issue is I had created one domain as Engine.com and a child domain as clutch.engine.com
Due to some reasons I had to format clutch.engine.com and I have removed some entries from the DC (Engine.com), however in Active Directory Domains and Trusts I am unable to remove clutch.engine.com
I referred to support.microsoft.com/kb/230306
however I am unable to follow the step where it says "connect to server servername", as I already removed the child domain and it no longer exists
I would appreciate it if anyone is able to resolve this issue
Thanks in advance
N.B. Quote was taken from a different thread so the discussion has been brought into this one.
Hi,
If you re-read the KB Article, the servername it is referring to is the server in your Active Directory Forest that is the Domain Naming FSMO. The article walks through determining this server.
18 years 5 days ago #18126
by kingofzombis
Replied by kingofzombis on topic Issue resolved
Hey Guys
As I already mentioned, I was unable to resolve the issue by the steps provided in
support.microsoft.com/kb/216498/en-us
support.microsoft.com/kb/230306
I googled for this issue and after trying many solutions I came across something which works.
I hope it will help others also, so I'm sharing the steps with you.
1. Click Start, click Run, type ntdsutil, and then press ENTER.
2. At the Ntdsutil command prompt, type domain management, and then press ENTER.
3. Type connections, and then press ENTER.
4. Type connect to server Domain_Controller_Name, and then press ENTER.
5. After the following message appears, type quit, and then press ENTER:
Connected to Domain_Controller_Name using credentials of locally logged on user
6. At the domain management prompt, type list, and then press ENTER.
7. Note the following entry:
DC=DomainDnsZones,DC=Child_Domain,DC=extension
For example, if the child domain is Contoso.com, note the following entry:
DC=DomainDnsZones,DC=contoso,DC=com
8. Type the following command, and then press ENTER.
delete nc dc=domaindnszones,dc=Child_Domain,dc=extension
Note: In this command, Child_Domain represents the name of the child domain that you want to remove. For example, if the child domain is Contoso.com, type the following command, and then press ENTER:
delete nc dc=domaindnszones,dc=contoso,dc=com
9. Quit Ntdsutil.
I did the same And it worked
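A read-only check to run before and after the ntdsutil steps discussed in this thread, added here as an example and not part of any poster's reply: it reports the Domain Naming Master (the server to name in "connect to server") and every partition still registered under the removed child domain. The DN DC=child,DC=master,DC=com and the DNS name child.master.com are assumptions taken from the names in the first post.

```powershell
# Added example, read-only: nothing here modifies the directory.
# Assumption: the removed child domain is child.master.com (names from the first post).
$ChildDomainDN  = 'DC=child,DC=master,DC=com'
$ChildDnsName   = 'child.master.com'

# RootDSE of whichever DC answers gives the forest-wide configuration partition.
$rootDse    = [ADSI]'LDAP://RootDSE'
$partitions = [ADSI]"LDAP://CN=Partitions,$($rootDse.configurationNamingContext)"

# fSMORoleOwner on CN=Partitions holds the DN of the NTDS Settings object of the
# Domain Naming Master; dropping the leading RDN leaves the server object itself.
$serverDN = "$($partitions.fSMORoleOwner)" -replace '^CN=NTDS Settings,', ''
$server   = [ADSI]"LDAP://$serverDN"
"Domain Naming Master: $($server.dNSHostName)"

# Every naming context in the forest has a crossRef object directly under CN=Partitions.
$searcher = New-Object System.DirectoryServices.DirectorySearcher($partitions)
$searcher.Filter      = '(objectClass=crossRef)'
$searcher.SearchScope = [System.DirectoryServices.SearchScope]::OneLevel
[void]$searcher.PropertiesToLoad.Add('nCName')
[void]$searcher.PropertiesToLoad.Add('dnsRoot')

# Keep the child domain itself and anything below it, for example
# DC=DomainDnsZones,DC=child,DC=master,DC=com (the partition deleted in step 8).
$leftovers = @(foreach ($r in $searcher.FindAll()) {
    $nc = [string]$r.Properties['ncname'][0]
    if ($nc -eq $ChildDomainDN -or $nc -like "*,$ChildDomainDN") {
        New-Object PSObject -Property @{
            NamingContext = $nc
            DnsRoot       = [string]$r.Properties['dnsroot'][0]
        }
    }
})

if ($leftovers.Count -eq 0) {
    "No partitions under $ChildDomainDN are registered in the forest."
} else {
    "Partitions still registered for the removed domain:"
    $leftovers | Format-Table NamingContext, DnsRoot -AutoSize
}

# DNS side of the cleanup: this should stop returning the formatted DC once
# the stale records have been removed.
nslookup -type=SRV "_ldap._tcp.dc._msdcs.$ChildDnsName"
```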
18 years 5 days ago #18127
by Smurf
Replied by Smurf on topic Re: How to removing forcibly child domain in win2003 Active Dir
Just out of interest, at what point did it fail in knowledge base support.microsoft.com/kb/230306 and what was the error (if you can remember)?
Glad it's sorted and thanks for sharing the info with the rest of the group, I'm sure it will be used again and again