我已经将 2 个新的 Win2019 DC 引入我的域,并正确删除了旧的 DC(降级然后从域中删除)。我从“用户和计算机”应用程序确认我的旧 DC 不再存在。出于某种原因,我的一个旧 DC 仍然显示在“站点和服务”下。我试图删除它,但 Windows 说我没有必要的权限或对象受到保护。我以域管理员身份登录。
我认为我需要按照以下说明清理元数据: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc736378(v=ws.10)?redirectedfrom=MSDN
但是,步骤 J 和 L 中的说明比较模糊。特别是:
- 步骤 J - 我应该选择要删除的服务器吗?因为它不在列表中(只有新的 DC 在列表中)。
- 步骤 L - 我是否应该将要删除的服务器的名称附加到此命令?这很危险,因为我不想删除我的新 DC,并且说明建议我将删除步骤 J 中选择的服务器(并且我的旧 DC 不在列表中)
我是不是用错了方法?我应该使用 ADSI 编辑来删除它吗?我在以下位置找到了旧 DC:
配置 > CN=配置... > CN=站点 > CN=Site1 > CN=OLDDC
我可以更改权限以允许删除。但我讨厌使用 ADSI 编辑,因为很容易破坏域
如果某天链接失效了,可以从上述链接执行以下步骤:
1. Open a command prompt.
2. Type the following command, and then press ENTER:
ntdsutil
3. At the ntdsutil: prompt, type:
metadata cleanup
4. Perform metadata cleanup as follows:
If you are performing metadata cleanup by using the version of Ntdsutil.exe that is included with Windows Server 2003 SP1, at the metadata cleanup: prompt, type:
remove selected server ServerName
Or
remove selected server ServerName1 on ServerName2
TABLE 1
Value Definition
ServerName, ServerName1
The distinguished name of the domain controller whose metadata you want to remove, in the form cn=ServerName,cn=Servers,cn=SiteName, cn=Sites,cn=Configuration,dc=ForestRootDomain
ServerName2
The DNS name of the domain controller to which you want to connect and from which you want to remove server metadata
If you are performing metadata cleanup by using the version of Ntdsutil.exe that is included with Windows Server 2003 with no service pack, perform metadata cleanup as follows:
A. At the metadata cleanup: prompt, type:
connection
B. At the server connections: prompt, type:
connect to server Server
C. At the server connections: prompt, type:
quit
D. At the metadata cleanup: prompt, type:
select operation target
E. At the select operation target: prompt, type:
list sites
A numbered list of sites appears.
F. At the select operation target: prompt, type:
select site SiteNumber
G. At the select operation target: prompt, type:
list domains in site
A numbered list of domains in the selected site appears.
H. At the select operation target: prompt, type:
select domain DomainNumber
I. At the select operation target: prompt, type:
list servers in site
A numbered list of servers in a domain and site appears.
J. At the select operation target: prompt, type:
select server ServerNumber
K. At the select operation target: prompt, type:
quit
L. At the metadata cleanup: prompt, type:
remove selected server
TABLE 2
Value Description
Server
The DNS name of a domain controller that you want to connect to
SiteNumber
The number associated with the site of the server that you want to clean up that appears in the list
DomainNumber
The number associated with the domain of the server that you want to clean up that appears in the list
ServerNumber
The number associated with the server that you want to clean up that appears in the list
At this point, Active Directory confirms that the domain controller was removed successfully. If you receive an error message that indicates that the object cannot be found, Active Directory might have already removed the domain controller.
5. To verify that the server was removed, type list servers in site, and then press ENTER. Ensure that the domain controller that you wanted to be removed is no longer displayed in the command output.
6. At the metadata cleanup: and ntdsutil: prompts, type quit.