Home > Archive > 70-217 > July 2003 > Followup AD problem





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Followup AD problem
mandani

2003-07-17, 6:52 pm

So if you remember I was taking away three possible solutions to my original problem which was a failed AD demotion on the last dc in the domain where I was unable to access the AD or dns entries for my server however all of the Users accounts were still valid.


1) Erase the AD Database and let it regenerate in DNS.
Method
Command Prompt
Ipconfig /flushdns
net stop netlogon
erase ntds.dit
net start netlogon
ipconfig /registerdns

When I tried this it would not allow me to erase the DB. Perhaps I needed to stop a process or something but it wouldn't have it so I renamed the file in restore mode and restarted. The machine would not logon due to a missing file so I had to go back and replace the file.
Perhaps there is a missing step but this did not work to refresh AD for me.

2) Microsoft solution - 216498
HOW TO: Remove Data in Active Directory After an Unsuccessful Domain Controller Demotion

http://support.microsoft.com/defaul...kb;en-us;216498

Due to the fact that I was unable to create a connection to the AD and the domain this solution did not take of and I could not even begin to start removing AD objects and or data.

3) Brute force

Use regedt32 to navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\Curr
entControlSet\Control\ProductO
ptions
Edit Product type value name from LanmanNT to ServerNT
Restart and the server does not look for the domain thus the ntds.dit file and the ntds folder are inactive and can be removed. Dns can be updated local user must be added to make up for the lost profiles.

When in doubt,
KICK IT OUT.

Forgive me if I am wrong but I think Techranger suggested this and I am grateful.

This has allowed me to remove all traces of the AD. I have to reinstall DNS and AD if I want to recerate my domain but I can now create local user accounts and the server is more or less back to normal.

What an ordeal?

By the way I passed 217 and 219 in the process. Must have been a good learning experience. I now have one to go to be certifiable (or maybe that was what I was at the start and now I can be certified).

I am going to try ISA if anyone has any good advice I am always listening.
jeff_j_black

2003-07-17, 8:14 pm

Congrats! We knew you were doing 217, but 219? How long did you take between 217 and 219?
mandani

2003-07-18, 8:11 am

I gave myself 2 weeks. The hardest part on the 219 was really getting a grip on the type of information to focus on in the cases.

Conveniently the 219 material is nothing new so it should be breeze if you really understand the application of the 217 material.
jeff_j_black

2003-07-18, 4:48 pm

That's pretty true about 219, not much prep needed if you are good on 217.
Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net