Microsoft
Software
Hardware
Network
Question : Can I remove Active Directory from AD Recovery Mode (F8) on W2K Server?
I had win2K server crash due to a failing HD. I was able to take a ghost image of the failed drive even though it had many bad sectors. However, upon installing a replacement HD and dumping the image I get a error when trying to boot up regarding Ad.
Directory Service cannot start. Error status 0xc00002e1
I've tried repairing the file following all the microsoft knowledge base articles which suggest using NTDSUTIL etc etc but the nothing works. I don't care if I have to remove AD all together I just want to be able to get the server to boot up in normal mode without having AD loaded. I DO NOT want to have to wipe the machine clean and re-install .
Is there a way to uninstall or disable active directory from AD recovery mode?
When I try DCPROMO it tells me I can't run it because I'm in safe mode.
I have full access to other computers, ERD boot disk, etc I can remove the main drive and connect it to another machine as a secondary drive which will give me full acess to delete/change any folders i need to. Is possible simply to just delete the entire AD folder or something to that effect?
The client does not have ANY backup of ANYTHING so restoring is not an option.
Answer : Can I remove Active Directory from AD Recovery Mode (F8) on W2K Server?
DCPromo /forceremoval DOES NOT working in safe mode or while in the directory service recovery mode. After search for a while I FOUND A WORKING SOLUTION! If you have this problem and wiping out the server simply is NOT an option that I suggest you try the following UNSUPPORTED method for removing Active Directory from a server which won't boot into nomal mode. I followed these steps and was sucessfully able to remove AD and the reconfigure it without having to wipe the machine. We did have to re-create all the AD users but we didn't lose any of the propritery software that was loaded on the server which was the main concern. Here it is:
this actually worked. The ntds.dit was corrputed and the srv would only boot into DSRM. Used the procedure below and recreated AD, new accounts created and we kept the old propietary software on the server.
Click this link to view the site:
http://blogs.dirteam.com/b
logs/jorge
/archive/2
006/12/03/
Uninstalli
ng-Active-
Directory-
_2D00_-Dem
oting-a-DC
.aspx
The steps of the UNSUPPORTED way of removing AD from a server with W2K and W2K3 are:
Boot into DSRM (Directory Services Restore Mode)
Log on with the DSRM administrator
Start REGEDIT
Navigate to the key "HKLM\System\CurrentContro
lSet\Contr
ol\Product
Options"
Change the data value of the data name "ProductType" from "LanmanNT" to "ServerNT"
Reboot the server. It will boot as a stand alone server (although it shows the domain it belongs to in the logon screen)
Login with the LOCAL SERVER administrator account and its password. The password is the same as the DSRM administrator account.
Promote the server to a DC in a new AD domain in a new AD forest.
As a domain use for example "TEMPAD.TEMP" as the domain FQDN and "TEMPAD" as the domain NetBIOS name (it will suggest the OLD domain NetBIOS name, but DO NOT use that!!!).
Use the same path for the AD DB, the AD LOGS and the SYSVOL. If you don't know anymore open REGEDIT and navigate to the key "HKLM\SYSTEM\CurrentContro
lSet\Servi
ces\NTDS\P
arameters"
for the AD files information and look at the data values from the data names "DSA Working Directory" and "Database log files path". For the SYSVOL path navigate to the key "HKLM\SYSTEM\CurrentContro
lSet\Servi
ces\Netlog
on\Paramet
ers" and look at the data value from the data name "SYSVOL". From that path use only the part without the last SYSVOL directory. After entering the paths acknowledge to delete the current files in the specified folders!
REMARK: the password of the domain administrator account will be the same as the local server administrator, which again is the same as the previous DSRM administrator account.
Reboot the server. It will boot as a DC for the new created AD forest/domain
Login with the domain administrator account and its password. Look at the remark mentioned above.
Demote the DC being the last DC of the AD forest/domain that was just created. The end result will be a stand alone server which will still have the temporary FQDN as its DNS suffix (this changes automatically by default when the domain membership changes).
Delete the SYSVOL directory.
Reboot the server. It will boot as a stand alone server.
From now on do with the server as you wish, like joining as a member server or promoting to a DC of an existing AD domain (BEFORE DOING EITHER, DO FIRST WHAT IS MENTIONED ABOVE MEANING "SEIZING FSMO ROLES" HOSTED BY THE DC BEFORE AND "CLEANING ITS METADATA" AND FORCING AD REPLICATION OF BOTH CHANGES)
Random Solutions
VBA Variable as DLookup Criteria
Moving public folders from Exchange 2007 to Exchange 2003 - Different Organisations
Access, non-print a null field.
HELP, I fallen on a 'Runtime Error 3134 Syntax error in INSERT INTO statement' and i can't get up!
Microsoft Dynamics CRM 4.0
How can I add this Excel Sheet to Access (form) and make it work like Excel Sheet?
Need SQL Syntax help to make my qry more efficient.
outlook vba to saveas .msg allowing user to navigate to target folder.
WINDOWS SERVER 2008 BACKUP
How To Recover Encrypted / Corrupted Word Documents