Cleaning Directory Metadata

Leave a comment

July 18, 2011 by Rakesh Boraiah


As your AD DS implementation ages, you’ll probably be left with some junk: old computer accounts that refer to PCs you dumped a long time ago, domain controllers you removed from service without first decommissioning them within AD DS, and other detritus. Every so often, it’s a good idea to clean out this old data so bugs that are hard to track (and therefore are hard to troubleshoot) don’t pop up, and so future major AD DS actions, such as renaming or removing a domain, aren’t held up because of a junked-up directory.

Let’s say we have a child domain, called cluster.hasselltech.local, which we want removed. To do this, we again will use the NTDSUtil tool and its metadata cleanup feature. To begin, go to a domain controller and log in as an enterprise administrator. Then follow these steps:

  1. Open a command prompt.

  2. Type ntdsutil to open the program.

  3. Type metadata cleanup to enter that part of the program.

  4. Type connections to receive the Server Connections prompt.

  5. Enter connect to server localhost to initiate a connection with the current domain controller.

  6. Type quit to exit that module.

  7. Now, type select operation target and press Enter.

  8. Type list domains to get a list of domains.

  9. NTDSUtil will bring up a list of domains in your system. In our example, cluster.hasselltech.local comes up as domain 2. So, to set the domain in our sights to destroy, type select domain 2 and press Enter.

  10. Next, you’ll need to determine the site in which cluster.hasselltech.local resides. Type list sites to bring up a list like you saw in steps 8 and 9.

  11. In our case, cluster.hasselltech.local resides in site CHARLOTTE, which comes up as site 3 in our list. So, type select site 3 and press Enter.

  12. Now you need to get rid of the domain controllers in that domain. Find out what those machines are by typing list servers for domain in site and pressing Enter.

  13. There are two domain controllers, numbered 0 and 1. You need to get rid of both, so type select server 0 and press Enter.

  14. Type quit, and then type remove selected server. Confirm your choice.

  15. Type select server 1 and press Enter.

  16. Type remove selected server, and again confirm your choice.

  17. Finally, type remove selected domain and press Enter.

  18. Type quit to exit out of NTDSUtil.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: