Remove a Domain Using NTDSUTIL: Difference between revisions
No edit summary |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 67: | Line 67: | ||
5. Select Site <number> | 5. Select Site <number> | ||
[[File: | [[File:Remove Domain 2.png.png|link=link=Special:FilePath/Media/image2.png|alt=Remove_Domain_2|ntdsutil-3]] | ||
List Domain Controllers in the site you connected to above | List Domain Controllers in the site you connected to above | ||
| Line 77: | Line 77: | ||
2. Select Server <number> | 2. Select Server <number> | ||
[[File: | [[File:Remove Domain 3.png|link=link=Special:FilePath/Media/image3.png|alt=Remove_Domain_3|ntdsutil-4]] | ||
You are ready to remove the Domain Controllers | You are ready to remove the Domain Controllers | ||
| Line 89: | Line 89: | ||
3. Select Yes on the pop up window | 3. Select Yes on the pop up window | ||
[[File: | [[File:Remove Domain 4.png|link=link=Special:FilePath/Media/image4.png|alt=Remove_Domain_4|ntdsutil-5]] | ||
4. Select Yes on the pop up windows | 4. Select Yes on the pop up windows | ||
[[File: | [[File:Remove Domain 5.png|link=link=Special:FilePath/Media/image5.png|alt=Remove_Domain_5|ntdsutil-6]] | ||
5. You will get back a message saying the Domain Controller has been removed. | 5. You will get back a message saying the Domain Controller has been removed. | ||
[[File: | [[File:Remove Domain 6.png|link=link=Special:FilePath/Media/image6.png|alt=Remove_Domain_6|ntdsutil-7]] | ||
Then you need to remove the naming contexts for the Domain you wish to remove. | Then you need to remove the naming contexts for the Domain you wish to remove. | ||
| Line 113: | Line 113: | ||
3. Select Naming Context <number> | 3. Select Naming Context <number> | ||
[[File: | [[File:Remove Domain 7.png|link=link=Special:FilePath/Media/image7.png|alt=Remove_Domain_7|ntdsutil-8]] | ||
Then quit back to remove the Naming Context | Then quit back to remove the Naming Context | ||
| Line 123: | Line 123: | ||
3. Select yes to remove the naming Context | 3. Select yes to remove the naming Context | ||
[[File: | [[File:Remove Domain 8.png|link=link=Special:FilePath/Media/image8.png|alt=Remove_Domain_8|ntdsutil-9]] | ||
4. You will get back a message saying the Naming Context has been removed. | 4. You will get back a message saying the Naming Context has been removed. | ||
[[File: | [[File:Remove Domain 9.png|link=link=Special:FilePath/Media/image9.png|alt=Remove_Domain_9|ntdsutil-10]] | ||
Repeat the above steps for all Domain Controllers and Naming Contexts for the Domain you wish to remove. | Repeat the above steps for all Domain Controllers and Naming Contexts for the Domain you wish to remove. | ||
| Line 136: | Line 136: | ||
[[File: | [[File:Remove Domain 10.png|link=link=Special:FilePath/Media/image10.png|alt=Remove_Domain_10|ntdsutil-11]] | ||
And thats it .. should be all gone.. | And thats it .. should be all gone.. | ||
[[Category:Windows]] | |||
Latest revision as of 09:10, 20 June 2020
So say for some reason you want to remove a Domain from Active Directory that no longer exists… how do you do it?
As always with Metadata Cleanups NTDSUTIL is your friend.
To remove the domain you need to remove the following using NTDSUTIL:
1. All Domain Controllers for the domain you want to remove.
2. All Naming Contexts for the Domain you want to remove.
You can then remove the actual Domain itself. Its important to remember when removing the naming contexts that there will be more than one. So for example:
DC=domain,DC=net
DC=DomainDnsZones,DC=domain,DC=net Its the DNS Zone that people tend to forget !!
If you get an error about Leaf Objects you havent removed all the Naming Contexts. You also need to ensure you are connected to the Domain Naming Master to perform the actual Domain Removal.
———————————————————————————————————————————————————————
Please ensure you are 100% certain you want to do the below, and dont do in a production environment without testing first
Below are some screenshots and bullet points on the end to end process:
With NTDSUTIL all of the commands can be abbreviated as long as they are unique, I have put some in brackets next to the full command.
First of all Connect to the Domain Naming Master
Connect using NTDSUTIL
1. Start up NTDSUTIL from a command prompt
Go into the Metadata Cleanup (M C for short)
2. Metadata Cleanup
Go into connections
3. Connections
Connect to the Domain Naming FSMO holder for your forest
4. Connect to <Server>
First of all remove any Domain Controllers from the Domain you wish to remove.
Quit Connections (Q)
1. Quit
Select the object you want to remove by using Select Operations Target ( S O T for short)
2. Select Operations Target
List the Domains in your Forest
3. List Domains
Connect to Domain you wish to remove
4. Select Domain <number>
List the Sites in your Forest and Select the Site which contains the first (or only) domain controller you wish to remove
5. Select Site <number>
List Domain Controllers in the site you connected to above
1. List Servers in Site
Select Domain Controller you want to remove
2. Select Server <number>
You are ready to remove the Domain Controllers
1. Quit
Remove the Domain Controller
2. Remove Selected Server
3. Select Yes on the pop up window
4. Select Yes on the pop up windows
5. You will get back a message saying the Domain Controller has been removed.
Then you need to remove the naming contexts for the Domain you wish to remove.
Move back to the objects you can select to select the Naming Context you want to remove
1. S O T
List the naming contexts for your Forest
2. List Naming Contexts
Select the Naming Context you wish to remove
3. Select Naming Context <number>
Then quit back to remove the Naming Context
1. Quit
2. Remove Selected Naming Context
3. Select yes to remove the naming Context
4. You will get back a message saying the Naming Context has been removed.
Repeat the above steps for all Domain Controllers and Naming Contexts for the Domain you wish to remove.
Next you need to remove the Domain itself !!PLEASE TAKE NOTE OF THE MESSAGE !!!
1. Remove Selected Domain
And thats it .. should be all gone..