Ntdsutil is a command-line tool for managing the Active Directory database. It is mainly used to perform database maintenance, manage and control operations master roles, delete metadata left behind when a DC is removed from the network abnormally, and create application partitions. We have used this tool many times in earlier experiments and found it powerful.
Lab environment:
There are two DCs in the forest, both of which are also GCs: Win2008R2CNDC and WIN2008R2CNDC01. Assume that WIN2008R2CNDC01 cannot be started because of a hardware failure. We now want to delete its object from AD.
Tutorial steps:
The following operations are performed on the DC Win2008R2CNDC.
1. Run Ntdsutil
2. Enter metadata cleanup (to clear the objects of unused servers). The commands available at this prompt include:
Remove selected domain - delete the AD DS objects of the selected domain
Remove selected Naming Context - delete the objects for the selected Naming Context
Remove selected server - delete the objects for the selected server
Remove selected server %s - delete the objects for the selected server
Remove selected server %s on %s - delete the objects for the selected server
Select operation target - select the site, server, domain, role, and naming context
3. Enter connections (connect to a specific AD DC or LDS instance)
4. connect to server win2008r2cndc.hbycrsj.com (connect to the DC we are working on)
5. quit (return to the previous menu, that is, the metadata cleanup prompt)
6. select operation target (select the object to operate on)
At this prompt, the following commands are available for choosing the current domain, site, and server:
List current selections - list the current site/domain/server/naming context
List domains - list all domains that contain cross references
List domains in site - list the domains in the selected site
List Naming Contexts - list known Naming Contexts
List roles for connected server - list the roles known to the connected server
List servers for domain in site - list servers in the selected domain and site
List servers in site - list servers in the selected site
List sites - list sites in the enterprise
Quit - return to the previous menu
Select domain %d - set domain %d as the selected domain
Select Naming Context %d - set Naming Context %d as the selected Naming Context
Select server %d - set server %d as the selected server
Select site %d - set site %d as the selected site
7. list sites (list the sites in the enterprise)
8. select site 0 (set site 0 as the selected site)
9. list domains in site (list the domains in the selected site)
10. select domain 0 (set domain 0 as the selected domain)
11. list servers for domain in site (list servers in the selected domain and site)
12. select server 1 (set server 1 as the selected server)
13. quit
14. remove selected server
Note:
To completely delete this object from AD, we must also delete the relevant records on the DNS server.
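A read-only check for what the cleanup and the DNS note above leave behind, as an added example that is not part of the original tutorial. It assumes the ActiveDirectory PowerShell module and nslookup are available on the machine where it runs, and it reuses the lab's server names; it deletes nothing.

```powershell
# Added example: read-only check for leftovers of a removed DC. Deletes nothing.
# Assumes the ActiveDirectory module and nslookup are available on this host.
Import-Module ActiveDirectory

$DeadDc = 'WIN2008R2CNDC01'             # failed DC from the lab above
$Server = 'win2008r2cndc.hbycrsj.com'   # surviving DC to query

$root      = Get-ADRootDSE -Server $Server
$configNC  = $root.configurationNamingContext
$domainDns = (Get-ADDomain -Server $Server).DNSRoot
$deadFqdn  = "$DeadDc.$domainDns"
$dnPattern = '(^|,)CN=' + [regex]::Escape($DeadDc) + ','
$findings  = @()

# 1. Server object and its NTDS Settings child under CN=Sites
#    (the objects that "remove selected server" is meant to delete)
$findings += @(Get-ADObject -Server $Server -SearchBase "CN=Sites,$configNC" `
        -LDAPFilter '(|(objectClass=server)(objectClass=nTDSDSA))' |
    Where-Object { $_.DistinguishedName -match $dnPattern } |
    ForEach-Object { "Config partition: $($_.DistinguishedName)" })

# 2. Computer account left in the domain partition
$findings += @(Get-ADComputer -Server $Server -LDAPFilter "(cn=$DeadDc)" |
    ForEach-Object { "Computer account: $($_.DistinguishedName)" })

# 3. Host (A) record still resolving (uses this machine's resolver and cache)
try {
    [System.Net.Dns]::GetHostAddresses($deadFqdn) |
        ForEach-Object { $findings += "DNS A record: $deadFqdn -> $_" }
} catch {
    # Name does not resolve: no host record left to report
}

# 4. SRV records that still advertise the dead DC, asked of the surviving DC
foreach ($srv in "_ldap._tcp.dc._msdcs.$domainDns", "_kerberos._tcp.$domainDns") {
    $findings += @(nslookup -type=SRV $srv $Server 2>$null |
        Select-String -SimpleMatch $deadFqdn |
        ForEach-Object { "DNS SRV ${srv}: $($_.Line.Trim())" })
}

if ($findings.Count -eq 0) {
    "No references to $DeadDc found."
} else {
    "Leftover references to ${DeadDc}:"
    $findings
}
```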