| Author | Messages | |
benwayj
Posts:47
 | | 07/06/2010 6:21 PM |
| "thought" I removed all 2000 DCs from the forest. Upgrade forest and all
domains to 2003 function level.
Now I noticed one of the child domains has one of the windows 2000
server showing up as a DC in ADUC. The computer is still used for other
applications.
When I run dcpromo on it, it looks like it thinks its currently NOT a
DC.
If the server was dead and gone, I'd just remove the AD object and clean
up via Adsiedit
But since it's still used I can't really delete the object, but its
still in the domain controllers OU. But not in the AD sites and
services.
Jason Benway
System/Storage Engineer
www.jsjcorp.com <http://www.jsjcorp.com>
JSJ Corporation
700 Robbins Road
Grand Haven, MI 49417
________________________________
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee,
you must not use, copy, disclose or take any action based on this
message or any information herein. If you have received this message in
error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation.
| | | |
| bdesmond
Posts:977
| | 07/06/2010 6:31 PM |
| You could just move the computer account out to a different OU...
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Jason Benway
Sent: Tuesday, July 06, 2010 12:20 PM
To: activedir@mail.activedir.org
Subject: [ActiveDir] old 2000 DC didn't remove itself correctly
"thought" I removed all 2000 DCs from the forest. Upgrade forest and all domains to 2003 function level.
Now I noticed one of the child domains has one of the windows 2000 server showing up as a DC in ADUC. The computer is still used for other applications.
When I run dcpromo on it, it looks like it thinks its currently NOT a DC.
If the server was dead and gone, I'd just remove the AD object and clean up via Adsiedit
But since it's still used I can't really delete the object, but its still in the domain controllers OU. But not in the AD sites and services.
Jason Benway
System/Storage Engineer
www.jsjcorp.com<http://www.jsjcorp.com>
[Description: C:\Users\benwayj\AppData\Roaming\Microsoft\Signatures\JSJ_Email_Sig.jpg]
JSJ Corporation
700 Robbins Road
Grand Haven, MI 49417
________________________________
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee,
you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.
| | | |
| benwayj
Posts:47
| | 07/06/2010 6:35 PM |
| Where else should I look to see if anything else thinks its still a DC?
jb
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Tuesday, July 06, 2010 1:28 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] old 2000 DC didn't remove itself correctly
You could just move the computer account out to a different OU...
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Jason Benway
Sent: Tuesday, July 06, 2010 12:20 PM
To: activedir@mail.activedir.org
Subject: [ActiveDir] old 2000 DC didn't remove itself correctly
"thought" I removed all 2000 DCs from the forest. Upgrade forest and all
domains to 2003 function level.
Now I noticed one of the child domains has one of the windows 2000
server showing up as a DC in ADUC. The computer is still used for other
applications.
When I run dcpromo on it, it looks like it thinks its currently NOT a
DC.
If the server was dead and gone, I'd just remove the AD object and clean
up via Adsiedit
But since it's still used I can't really delete the object, but its
still in the domain controllers OU. But not in the AD sites and
services.
Jason Benway
System/Storage Engineer
www.jsjcorp.com <http://www.jsjcorp.com>
JSJ Corporation
700 Robbins Road
Grand Haven, MI 49417
________________________________
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee,
you must not use, copy, disclose or take any action based on this
message or any information herein. If you have received this message in
error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation.
| | | |
| bdesmond
Posts:977
| | 07/06/2010 6:41 PM |
| userAccountControl attribute has a flag if it's a DC.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Jason Benway
Sent: Tuesday, July 06, 2010 12:34 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] old 2000 DC didn't remove itself correctly
Where else should I look to see if anything else thinks its still a DC?
jb
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Tuesday, July 06, 2010 1:28 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] old 2000 DC didn't remove itself correctly
You could just move the computer account out to a different OU...
Thanks,
Brian Desmond
brian@briandesmond.com<mailto:brian@briandesmond.com>
c - 312.731.3132
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Jason Benway
Sent: Tuesday, July 06, 2010 12:20 PM
To: activedir@mail.activedir.org
Subject: [ActiveDir] old 2000 DC didn't remove itself correctly
"thought" I removed all 2000 DCs from the forest. Upgrade forest and all domains to 2003 function level.
Now I noticed one of the child domains has one of the windows 2000 server showing up as a DC in ADUC. The computer is still used for other applications.
When I run dcpromo on it, it looks like it thinks its currently NOT a DC.
If the server was dead and gone, I'd just remove the AD object and clean up via Adsiedit
But since it's still used I can't really delete the object, but its still in the domain controllers OU. But not in the AD sites and services.
Jason Benway
System/Storage Engineer
www.jsjcorp.com<http://www.jsjcorp.com>
[Description: C:\Users\benwayj\AppData\Roaming\Microsoft\Signatures\JSJ_Email_Sig.jpg]
JSJ Corporation
700 Robbins Road
Grand Haven, MI 49417
________________________________
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee,
you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.
| | | |
| benwayj
Posts:47
| | 07/06/2010 6:47 PM |
| Thanks!!
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Tuesday, July 06, 2010 1:39 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] old 2000 DC didn't remove itself correctly
userAccountControl attribute has a flag if it's a DC.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Jason Benway
Sent: Tuesday, July 06, 2010 12:34 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] old 2000 DC didn't remove itself correctly
Where else should I look to see if anything else thinks its still a DC?
jb
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Tuesday, July 06, 2010 1:28 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] old 2000 DC didn't remove itself correctly
You could just move the computer account out to a different OU...
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Jason Benway
Sent: Tuesday, July 06, 2010 12:20 PM
To: activedir@mail.activedir.org
Subject: [ActiveDir] old 2000 DC didn't remove itself correctly
"thought" I removed all 2000 DCs from the forest. Upgrade forest and all
domains to 2003 function level.
Now I noticed one of the child domains has one of the windows 2000
server showing up as a DC in ADUC. The computer is still used for other
applications.
When I run dcpromo on it, it looks like it thinks its currently NOT a
DC.
If the server was dead and gone, I'd just remove the AD object and clean
up via Adsiedit
But since it's still used I can't really delete the object, but its
still in the domain controllers OU. But not in the AD sites and
services.
Jason Benway
System/Storage Engineer
www.jsjcorp.com <http://www.jsjcorp.com>
JSJ Corporation
700 Robbins Road
Grand Haven, MI 49417
________________________________
This message may contain confidential and/or privileged information. If
you are not the addressee or authorized to receive this for the
addressee,
you must not use, copy, disclose or take any action based on this
message or any information herein. If you have received this message in
error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation.
| | | |
| sdelrio
Posts:14
| | 07/07/2010 11:08 AM |
| If its a DC the useraccountcontrol would be 532480 , else it is not a DC 
On Tue, Jul 6, 2010 at 2:46 PM, Jason Benway <benwayj@jsjcorp.com> wrote:
> Thanks!!
>
>
>
> *From:* activedir-owner@mail.activedir.org [mailto:
> activedir-owner@mail.activedir.org] *On Behalf Of *Brian Desmond
> *Sent:* Tuesday, July 06, 2010 1:39 PM
>
> *To:* activedir@mail.activedir.org
> *Subject:* RE: [ActiveDir] old 2000 DC didn't remove itself correctly
>
>
>
> *userAccountControl attribute has a flag if it’s a DC. *
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *brian@briandesmond.com*
>
> * *
>
> *c – 312.731.3132*
>
> * *
>
> *From:* activedir-owner@mail.activedir.org [mailto:
> activedir-owner@mail.activedir.org] *On Behalf Of *Jason Benway
> *Sent:* Tuesday, July 06, 2010 12:34 PM
> *To:* activedir@mail.activedir.org
> *Subject:* RE: [ActiveDir] old 2000 DC didn't remove itself correctly
>
>
>
> Where else should I look to see if anything else thinks its still a DC?
>
>
>
> jb
>
>
>
> *From:* activedir-owner@mail.activedir.org [mailto:
> activedir-owner@mail.activedir.org] *On Behalf Of *Brian Desmond
> *Sent:* Tuesday, July 06, 2010 1:28 PM
> *To:* activedir@mail.activedir.org
> *Subject:* RE: [ActiveDir] old 2000 DC didn't remove itself correctly
>
>
>
> *You could just move the computer account out to a different OU…*
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *brian@briandesmond.com*
>
> * *
>
> *c – 312.731.3132*
>
> * *
>
> *From:* activedir-owner@mail.activedir.org [mailto:
> activedir-owner@mail.activedir.org] *On Behalf Of *Jason Benway
> *Sent:* Tuesday, July 06, 2010 12:20 PM
> *To:* activedir@mail.activedir.org
> *Subject:* [ActiveDir] old 2000 DC didn't remove itself correctly
>
>
>
> “thought” I removed all 2000 DCs from the forest. Upgrade forest and all
> domains to 2003 function level.
>
>
>
> Now I noticed one of the child domains has one of the windows 2000 server
> showing up as a DC in ADUC. The computer is still used for other
> applications.
>
> When I run dcpromo on it, it looks like it thinks its currently NOT a DC.
>
>
>
> If the server was dead and gone, I’d just remove the AD object and clean up
> via Adsiedit
>
>
>
> But since it’s still used I can’t really delete the object, but its still
> in the domain controllers OU. But not in the AD sites and services.
>
>
>
>
>
>
>
> Jason Benway
> System/Storage Engineer
>
> www.jsjcorp.com
>
> [image: Description:
> C:\Users\benwayj\AppData\Roaming\Microsoft\Signatures\JSJ_Email_Sig.jpg]
>
> *JSJ* *Corporation
> *700 Robbins Road
> Grand Haven, MI 49417
> ------------------------------
>
> This message may contain confidential and/or privileged information. If you
> are not the addressee or authorized to receive this for the addressee,
> you must not use, copy, disclose or take any action based on this message
> or any information herein. If you have received this message in error,
> please advise the sender immediately by reply e-mail and delete this
> message. Thank you for your cooperation.
>
>
>
| | | |
|
|