Guest
I recently demoted one of my child domain controllers. Everything went
smoothly. A couple days later, I removed it from the domain and turned the
server off. A week later, when I "ping <domain.com>" some machines try to
ping this old demoted domain controller. When I do "nslookup <domain.com>",
all of my domain controller IP addresses show up, including the one I just
demoted and removed.
Everywhere I look, there is no mention of this old domain controller being a
domain controller any longer. I deleted all records within WINS and DNS.
NTDSutil does not see this old demoted server as a domain controller. And
what little I know to look at in ADSIedit, this demoted domain controller is
nowhere to be found.
I think this is causing problems for some people, and it is random. Users
are not getting authenticated correctly because their machines seem to be
attempting to authenticate via this removed and demoted domain controller
that is no longer online.
Not sure what to do.
Here is what my nslookup looks like:
H:\>nslookup <domain.com>
Server: <dns server.domain.com>
Address: 10.7.1.1
Name: <domain.com>
Addresses: 10.7.1.19, 10.7.1.6, 10.7.1.7, 10.7.1.4
The IP address, 10.7.1.4, is the old demoted domain controller that is no
longer on the domain or online. The server is off and sitting on a shelf.
All the other IPs are correct. Those are my other child domain
controllers. I am ready to demote and remove 10.7.1.19 as well, but I want
to solve this problem first. I do not want there to be two demoted domain
controllers showing up and causing twice the problem with authentication.
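As an added diagnostic for the situation described above (this is example code, not something from the original post or a product's own tooling), the following PowerShell compares the addresses returned for the domain name against the domain controllers Active Directory still knows about, and then repeats that lookup against every DC's DNS server individually, since a record deleted on one server can still be served by another replica or from another server's cache. The sample addresses are the ones quoted in the post; the live section assumes the RSAT ActiveDirectory, DnsClient and DnsServer modules on a domain-joined host, and $domain is an assumed variable for the child domain's DNS name.

```powershell
# Added example, not from the original post.
# Pure comparison: which resolved addresses belong to no current DC?
function Get-StaleDomainApexAddress {
    param(
        [Parameter(Mandatory)][string[]]$ResolvedAddresses,   # what "nslookup <domain>" returned
        [Parameter(Mandatory)][string[]]$CurrentDcAddresses   # IPs of DCs AD still lists
    )
    $ResolvedAddresses | Where-Object { $_ -notin $CurrentDcAddresses }
}

# Offline check with the values quoted in the post (constructed sample input):
$fromNslookup = '10.7.1.19', '10.7.1.6', '10.7.1.7', '10.7.1.4'
$knownDcs     = '10.7.1.19', '10.7.1.6', '10.7.1.7'
Get-StaleDomainApexAddress -ResolvedAddresses $fromNslookup -CurrentDcAddresses $knownDcs
# Expected: 10.7.1.4

# Live check (assumes RSAT modules): query each DC's DNS service separately so a
# stale record that survives on one replica, or in one server's cache, is visible.
$domain = (Get-ADDomain).DNSRoot                       # assumption: run in the child domain
$dcs    = Get-ADDomainController -Filter * | Select-Object HostName, IPv4Address
foreach ($dc in $dcs) {
    $answers = Resolve-DnsName -Name $domain -Type A -Server $dc.IPv4Address -DnsOnly -ErrorAction SilentlyContinue |
               Where-Object { $_.Type -eq 'A' } |
               Select-Object -ExpandProperty IPAddress
    $stale = Get-StaleDomainApexAddress -ResolvedAddresses @($answers) -CurrentDcAddresses @($dcs.IPv4Address)
    [pscustomobject]@{
        DnsServer = $dc.HostName
        Answers   = ($answers -join ', ')
        Stale     = ($stale   -join ', ')
    }
}

# On the authoritative DNS server, the zone-apex A records (shown in the DNS console
# as "(same as parent folder)") can be listed and the stale one removed with:
#   Get-DnsServerResourceRecord -ZoneName $domain -Name '@' -RRType A
#   Remove-DnsServerResourceRecord -ZoneName $domain -Name '@' -RRType A -RecordData '10.7.1.4'
# After removal, flush the resolver cache on the test client (ipconfig /flushdns)
# and re-run the live check until no server reports a stale address.
```

The per-server loop is the part that answers the post's question: the nslookup shown above only asked 10.7.1.1, so a record that was deleted on the server being looked at but still held by another DNS server (or still cached there) would keep resurfacing until every replica agrees.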