Getting rid of a really old server in adsiedit
we trying demote 2008r2 server. ad wouldn't let , gave error.
the operation failed because:
active directory domain services not transfert remaining data in directory partition dc=domaindnszones, dc=, dc=domainame, dc active directory domain controller
new domain controller.
"the directory service missing mandatory configuration information, , unable determine ownership of floating single-master operation roles."
got looking , 2 of our sub-domains list servers @ least 5 years old domainreplica in adsi edit, coincide event viewer. event id2022 operations master roles held directory server not transfer following remote directory server.
we had tried ndtsutil , there no servers in there name. mentioned these really old servers. have worked here 6 years , before time 1 of them. have root domain-which fine. 2 sub-domains have problem other ones fine.
go to:
1-adsiedit in 1 of problem domains.
2-right click adsiedit, pick default naming context, ok
3-right click domain under "default naming context", properties
4-scroll down domainreplica...the server listed old one.
5-try edit entry
6-clear, ok
7-apply.... operation failed. error code: 0x209a access attribute owned security accounts manager (sam). 0000209a: svcerr: dsid-031a1021, problem 5003 (will_not_perform), data 0
peter andersen
peter,
what domain , forest functional level? if server 2000 native or higher, can ignore attribute. you not able clear (in supported manner) anyway.
Windows Server > Directory Services
Comments
Post a Comment