...
and yet no new (even very small) features will be added within a Service Pack
:)
--
Dean Wells
MSEtechnology
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto
Sent: Monday, March 21, 2005 7:46 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Scripting DC cleanup?
If you're taling about W2K3 then
after installing SP1 you don't need to select the site, domain, etc. Just select
the server and kill it!
QUOTE
The Ntdsutil.exe command-line
tool for managing the Active Directory database has new commands that make it
easier to remove domain controller metadata. Preliminary steps, such as
connecting to a server, domain, and site, are no longer required. You simply
specify the server to remove. You can also specify the server on which to make
the deletion.
Cheers
Jorge
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Friday, March 18, 2005 18:00
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Scripting DC cleanup?
I would recommend watching your AD to see exactly what
NTDSUTIL is doing, you can actually just get away from using it and deleting the
appropriate objects directly (hint look at the objects under the server
containers of sites...) . In fact you can make a solution that is better
than ntdsutil because last I looked, it didn't get rid of FRS references, etc. I
recall a tool written by a friend of mine at the widget factory I used
to work at that would do this quite well and quite fast and was called
Whack-A-DC. It was used to clean up the test environment sucked off of the
real environment after it was isolated from the "real"
network.
I have been slow to duplicate anything like this as a
joeware tool because quite frankly, it is pretty dangerous stuff and would
prefer to not have my tools used in script kiddies attack tool boxes. oldcmp
specifically and very purposely avoids DCs.
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Cornetet
Sent: Friday, March 18, 2005 10:32 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Scripting DC cleanup?
I
guess I should have elaborated. NTDSUtil references domains, sites, and servers
by sequential numbers. In order to write a simple command file for DC cleanup,
I'd have to know what these numbers would be beforehand, and I'm not at all sure
they won't change.
What
I'd like to do is write a perl script that will figure out what these numbers
will be and write a script that I can feed into ntdsutil to do the dirty
work.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Friday, March 18, 2005 9:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Scripting DC cleanup?You can make ntdsutil work in a script. Just make a batch file. The syntax is to put a sapce between each command and put them in quotes:ntdsutil "connect to domain 1" "do something cool" "build an arc"ntdsutil "connect to domain 2" "do something cool" "build an arc"etc etc--Brian Desmond
[EMAIL PROTECTED]
Payton on the web! www.wpcp.org
v - 773.534.0034 x135
f - 773.534.8101c - 312.731.3132
From: [EMAIL PROTECTED] on behalf of Ken Cornetet
Sent: Fri 3/18/2005 7:33 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Scripting DC cleanup?It's getting close to time for our annual off-site disaster recovery test, and I'd like to automate a dreaded chore that this testing entails. Our main domain has about two dozen DCs. We only recover one of those during the test. This means I have to perform the ntdsutil dance outlined in KB216498 23 times to remove the phantom DCs.Is there any way I can script this, or at least script creation of a text file that would be piped into ntdsutil?I stumbled across a script called "metacleaner.vbs" written by a gentleman at microsoft, but it did not appear to work.
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
