Saturday, June 19, 2010

How to check DC&RODC authentication issues

By default, a client contacts a domain controller (DC) in its own site, and the site is configured in “AD Sites and Services”. We can simulate the DC locator process and take a Network Monitor capture at the same time to see what happens while the client is finding a DC. The action plan is as follows:

Download Network Monitor 3.3 and install it on the client (in the default path):
http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

Nltest.exe is a command-line tool from the Windows Support Tools. Please download the Support Tools from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=6ec50b78-8be1-4e81-b3be-4e7ac4f0912d&DisplayLang=en

On the client, open a command prompt and run the following command to start Network Monitor:
"%ProgramFiles%\Microsoft Network Monitor 3\nmcap" /network * /capture /file %ComputerName%_test.cap:50M /DisableConversations /DisableLocalOnly

On the client, open another command prompt, navigate to the path in which nltest.exe resides, and run the following commands:
ipconfig /flushdns
nltest /dsgetdc:domainname /force > dsgetdc.txt
nltest /dsgetsite > dsgetsite.txt
set l > setl.txt
NOTE: replace “domainname” with your real domain name.
In the command prompt of step 3 (the one running Network Monitor), press CTRL+C to stop the capture. The capture file is written to the current path.

Find the dsgetdc.txt, dsgetsite.txt and setl.txt results in the same place.
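The procedure above, run from PowerShell and with the nltest result checked automatically. This is an added example and not part of the original post; it assumes Network Monitor 3.x is installed in its default path, nltest.exe is on the PATH, PowerShell 3.0 or later, and that the caller supplies the domain name as $DomainName. The function names and the field names it parses from nltest output (DC, Dc Site Name, Our Site Name, Flags) are the standard nltest /dsgetdc output; everything else is this example's own.

```powershell
# Added example, not from the original post: runs the DC locator test above from
# PowerShell and checks the result. Assumptions: Network Monitor 3.x in its default path,
# nltest.exe on the PATH, PowerShell 3.0+, and $DomainName supplied by the caller.
param([Parameter(Mandatory = $true)] [string] $DomainName)

$NmCap   = Join-Path $env:ProgramFiles 'Microsoft Network Monitor 3\nmcap.exe'
$CapFile = "${env:COMPUTERNAME}_test.cap"

# Pull one "Name: value" field out of nltest output (hypothetical helper).
function Get-NltestField {
    param([string[]] $Lines, [string] $Name)
    foreach ($line in $Lines) {
        if ($line -match ('^\s*' + [regex]::Escape($Name) + ':\s*(.*)$')) { return $Matches[1].Trim() }
    }
    return $null
}

# Summarise "nltest /dsgetdc" output: which DC answered, whether it is in the client's
# own site, and whether it is writable (no WRITABLE flag means an RODC answered).
function Test-DcLocatorResult {
    param([string[]] $NltestOutput)
    $flags   = @((Get-NltestField $NltestOutput 'Flags') -split '\s+')
    $dcSite  = Get-NltestField $NltestOutput 'Dc Site Name'
    $ourSite = Get-NltestField $NltestOutput 'Our Site Name'
    [pscustomobject]@{
        DC        = Get-NltestField $NltestOutput 'DC'
        DcSite    = $dcSite
        OurSite   = $ourSite
        SameSite  = ($dcSite -eq $ourSite)
        Writable  = ($flags -contains 'WRITABLE')
        CloseSite = ($flags -contains 'CLOSE_SITE')
    }
}

# 1. Start the capture in its own window with the same options the post uses.
$capture = Start-Process -FilePath $NmCap -PassThru -ArgumentList @(
    '/network', '*', '/capture', '/file', "${CapFile}:50M",
    '/DisableConversations', '/DisableLocalOnly')
Start-Sleep -Seconds 5    # let nmcap attach to the adapters before generating traffic

# 2. Force a fresh locator round trip and keep the raw output, as in the post.
ipconfig /flushdns | Out-Null
$dsgetdc = nltest "/dsgetdc:$DomainName" /force
$dsgetdc | Set-Content dsgetdc.txt
nltest /dsgetsite | Set-Content dsgetsite.txt
# Equivalent of "set l": environment variables starting with L, notably LOGONSERVER.
Get-ChildItem Env: | Where-Object { $_.Name -like 'l*' } |
    ForEach-Object { "$($_.Name)=$($_.Value)" } | Set-Content setl.txt

# 3. Evaluate the result. A DC outside the client's site usually means the client's
# subnet is missing or wrong in AD Sites and Services; an unexpected RODC means the
# writable DCs for the site did not answer and the RODC did instead.
$result = Test-DcLocatorResult $dsgetdc
if (-not $result.DC) { Write-Error ("nltest did not return a DC: " + ($dsgetdc -join ' ')) }
$result | Format-List
if (-not $result.SameSite) { Write-Warning "Locator returned $($result.DC) in site '$($result.DcSite)'; client site is '$($result.OurSite)'" }
if (-not $result.Writable)  { Write-Warning "Locator returned a read-only DC ($($result.DC))" }

Write-Host "Press CTRL+C in the Network Monitor window to stop the capture; it is written to $CapFile"
$capture.WaitForExit()
```

Stopping the capture is left to the CTRL+C in the Network Monitor window, exactly as in the post, so that nmcap closes the capture file cleanly; the script only waits for that window to exit. The SameSite and Writable checks are the two things to look at first: the capture then shows which DNS SRV lookups and LDAP pings led the locator to that DC.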

Removing the RODC computer account using the graphical interface

If AD DS is already removed from the RODC computer, you can easily remove the computer account by using the Active Directory Users and Computers or Active Directory Sites and Services snap-ins.
To remove an RODC computer account with Active Directory Users and Computers
1. Open Active Directory Users and Computers. To open Active Directory Users and Computers, click Start, click Control Panel, double-click Administrative Tools, and then double-click Active Directory Users and Computers.
2. Ensure that you are connected to a writeable domain controller running Windows Server 2008 in the correct domain. To connect to the appropriate domain or domain controller, in the details pane, right-click the Active Directory Users and Computers object, and then click Change Domain or Change Domain Controller, respectively.
3. In the console tree, expand the domain object, and then select the Domain Controllers organizational unit (OU).
4. In the details pane, right-click the RODC computer account, and then click Delete.
5. When you are prompted, click Yes to continue with the removal of the RODC account. At this point, the Deleting Domain Controller dialog box appears. If the RODC was not compromised or stolen, you can clear all the check boxes in this dialog box and then click Delete. If the RODC was compromised or stolen,
6. Next, another Delete Domain Controller dialog box appears, asking you to confirm metadata deletion. Click OK to continue with the RODC computer account removal.
7. If the domain controller was also a global catalog server, you are asked again to confirm that you want to continue the deletion. Click Yes to continue.
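Before the RODC account is deleted, a defender wants a record of which account secrets that RODC had cached, since those are the accounts the Deleting Domain Controller dialog offers to reset. The following script is an added example, not part of the original post or of Microsoft's documentation; it assumes the ActiveDirectory PowerShell module (RSAT) on a domain-joined administrative workstation, and takes the RODC name as a caller-supplied $RodcName. The function names are this example's own.

```powershell
# Added example, not from the original post: inventory the RODCs and the accounts whose
# secrets a given RODC had cached, and export that list before the RODC account is removed.
# Assumes the ActiveDirectory module (RSAT) and read access to the domain; $RodcName is supplied by the caller.
param([Parameter(Mandatory = $true)] [string] $RodcName)

Import-Module ActiveDirectory
$ExportPath = "$RodcName-cached-accounts.csv"

# Inventory of read-only DCs, to confirm $RodcName really is an RODC (hypothetical helper).
function Get-RodcInventory {
    Get-ADDomainController -Filter { IsReadOnly -eq $true } |
        Select-Object Name, HostName, Site, IPv4Address
}

# Accounts whose password the RODC was allowed to cache and actually did ("revealed").
function Get-RodcCachedAccounts {
    param([string] $Rodc)
    Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity $Rodc -RevealedAccounts |
        Select-Object SamAccountName, ObjectClass, DistinguishedName
}

Get-RodcInventory | Format-Table -AutoSize

$cached = @(Get-RodcCachedAccounts -Rodc $RodcName)
# Same information as the dialog's option to export the cached-account list to a file.
$cached | Export-Csv -Path $ExportPath -NoTypeInformation

$users     = @($cached | Where-Object { $_.ObjectClass -eq 'user' })
$computers = @($cached | Where-Object { $_.ObjectClass -eq 'computer' })
"{0}: {1} user and {2} computer secrets were cached; list exported to {3}" -f `
    $RodcName, $users.Count, $computers.Count, $ExportPath

# After the account is deleted with the reset options selected, every user in $users
# should show a PasswordLastSet newer than the deletion; verify rather than assume.
$users | ForEach-Object {
    Get-ADUser -Identity $_.DistinguishedName -Properties PasswordLastSet |
        Select-Object SamAccountName, PasswordLastSet
}
```

Run it once before step 4 to capture the list, and again after step 7 to confirm the PasswordLastSet timestamps moved; an account that still shows an old timestamp was cached on the RODC but not reset.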

From Microsoft: see Securing Accounts After an RODC Is Stolen.