Remove domain with no domain controller

Remove domain with no domain controller: Posted by Andrewb on February 24th, 2004; I am running Windows 2003 on all domain controllers
When I use NTDSUTIL to attempt to remove a domain (domain was not demoted with dcpromo) as described in KB216498 using 'remove selected server'. I first receive a message box prompt saying basically 'are you sure' and 'server does not exist' I select 'Yes' I am sure, then NTDSUTIL responds with the error 'DsRemoveDsServerW error 0x5(Access is denied)'?; Posted by Mike Aubert on February 24th, 2004; Hey Andrew,

Is the account you are logging on with a member of Enterprise Admins?

For example, even if you are an administrator in domain A, you don't have
permission to delete a domain controller in domain B (the failed domain).
You could normally log on as an administrator for domain B and remove the
domain controller, but (because there are no domain controllers for the
domain) you obviously can't log on that way in this instance.

Try using an account that is a member of Enterprise Admins and see if you
still get the error (if you have to add yourself to that group be sure that
the change replicates and that you log off and back on).

Let me know if I'm misunderstanding your scenario (i.e. what exactly has
failed)...

Mike

------------------------------------------------------------------
Mike Aubert
MCSE, MCSD, MCDBA
mikenews2@2000trainers.com

Note the "news2" in my email address is temporary and may be changed in the
future, remove it to email me at my Permanente address.
This posting is provided "AS IS" with no warranties, and confers no rights.

"Andrewb" <andrewb@acenet.net.au> wrote in message
news:05AF118C-754A-49E4-A183-3DE6D7689B46@microsoft.com...
first receive a message box prompt saying basically 'are you sure' and
'server does not exist' I select 'Yes' I am sure, then NTDSUTIL responds
with the error 'DsRemoveDsServerW error 0x5(Access is denied)'?; Posted by Chriss3 on February 24th, 2004; Make sure you are logged on with the Administrator account for the
particular forest/domain. Or an account members of Domain Admins or
Enterprise Admin.

Links below may can be to any help here.

230306 - HOW TO: Remove Orphaned Domains from Active Directory
http://support.microsoft.com/default...;en-us;q230306

HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
Controller Demotion:
http://support.microsoft.com/support.../Q216/4/98.ASP
--
Regards,

Christoffer Andersson
No email replies please - reply in the newsgroup
If the information was help full, you can let me know at:
http://www.itsystem.se/employers.asp?ID=1

"Andrewb" <andrewb@acenet.net.au> skrev i meddelandet
news:05AF118C-754A-49E4-A183-3DE6D7689B46@microsoft.com...
first receive a message box prompt saying basically 'are you sure' and
'server does not exist' I select 'Yes' I am sure, then NTDSUTIL responds
with the error 'DsRemoveDsServerW error 0x5(Access is denied)'?; Posted by Andrewb on February 25th, 2004; I am logged in locally to the domain controller for the parent domain and the administrator is a member of the Enterprise Administrators group (in the parent domain).
To clarify, I am trying to delete a child domain where there is no domain controller.

I frist used the link
230306 - HOW TO: Remove Orphaned Domains from Active Director
http://support.microsoft.com/default...b;en-us;q23030

Which gave me the error I previously posted

I also tried the link
HOW TO: Remove Data in Active Directory After an Unsuccessful Domai
Controller Demotion
http://support.microsoft.com/support...s/Q216/4/98.AS

And after confirming to remove the domain I received the error

DsRemoveDsDomainW error 0x2015 (The directory service can perform the requested operation only a leaf object); Posted by Mike Aubert on February 25th, 2004; hmmm....

- If you use Ntdsutil to list all the domain controllers for the child
domain none are listed (make sure you check all sites)?

- Is the child domain you are trying to remove a parent to any other domain
or application directory partition?

------------------------------------------------------------------
Mike Aubert
MCSE, MCSD, MCDBA
mikenews2@2000trainers.com

Note the "news2" in my email address is temporary and may be changed in the
future, remove it to email me at my Permanente address.
This posting is provided "AS IS" with no warranties, and confers no rights.

"Andrewb" <andrewb@acenet.net.au> wrote in message
news:EC5A32A9-F7A0-48D4-871E-8F54067130E5@microsoft.com...
parent domain).; Posted by Andrewb on February 26th, 2004; The child domain was not a parent to any other domain

Maybe this is a problem because the new child domain I configured to replace the old child domain is using the same computer name for the domain controller
So basically I formatted and started again into a new domain but kept the same computer name.; Posted by Jay Connor on March 5th, 2004; "Andrewb" <andrewb@acenet.net.au> wrote in message news:<EC5A32A9-F7A0-48D4-871E-8F54067130E5@microsoft.com>...

Here is what I believe to be the correct answer to your problem:

There are objects still hanging around and the key is to delete the
naming contexts first starting with the following

list sites
1 - CN=sitename,CN=Sites,CN=Configuration,DC=yourparen tdomainname,DC=com
select site 1

list domains
4 - DC=yourdomainname,DC=yourparentdomain,DC=com
select domain 4

list naming context
12=DC=yourdomainname,DC=yourparentdomain,DC=com
13=DC=DomainDnsZones,DC=yourdomainname,DC=yourpare ntdomain,DC=com
select naming context 13

quit
delete naming context

set operation target
select naming context 12

quit
delete selected naming context

click yes on the popup

delete selected domain

click yes on the popup

Once you have done this you should be all set. if this doesn't work
make sure all references to you domain name are removed whether they
are actual domain controllers, naming contexts and of course from all
sites before you actually attempt to delete the domain itself.

hope this helps; Posted by David Everett [MSFT] on March 5th, 2004; Any application partitions that are leafs of the domain being cleaned up
will need to be deleted before proceeding with the domain cleanup.

run ntdsutil
domain management
connections
connect to server <dcname>
quit
from domain management prompt type: List

This should display all the NC's. See if the
DC=domaindnszones,dc=<domain>,dc=com for the non-existent domain is present.

If it is present type: delete NC DC=domaindnszones,dc=<domain>,dc=com

After the NC for the old domain is removed run ntdsutil and do a metadata
cleanup of the domain.

--
David Everett
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.

"Jay Connor" <jconnor@ideasphereinc.com> wrote in message
news:ce83dbe6.0403042038.136ab422@posting.google.c om...
the parent domain).

Similar Posts

Need to Create Domain Controller with Domain Naminig Master Roleassigned (Microsoft Windows) by zaedi.ahmed@gmail.com
Remove Domain from Client PC including domain references (Networking) by Ted Fahy
new domain controller not getting listed in main domain controller (Windows 2003) by John Losey
Features of Primary Domain Controller & bakup domain controller (Windows NT) by V.R.karanjkar
retiring the first domain win2k domain controller (Windows 2000) by rob davis