29 C
Dubai
Wednesday, December 11, 2024

Domain Controller Metadata Cleanup Denied

 

  • Metadata Cleanup Fails with DsRemoveDsServerW error 0x5(Access is denied.)

Microsoft Windows [Version 6.3.9600]

(c) 2013 Microsoft Corporation. All rights reserved.

C:\Windows\system32>ntdsutil
ntdsutil: metadata cleanup
metadata cleanup: connection
server connections: connect to server AZURE365PRO-LIVEDC
Binding to AZURE365PRO-LIVEDC ...
Connected to AZURE365PRO-LIVEDC using credentials of locally logged on user.
server connections: quit
metadata cleanup: select operation target
select operation target: list domains
Found 1 domain(s)
0 - DC=azure365pro,DC=com
select operation target: select domain 0
No current site
Domain - DC=azure365pro,DC=com
No current server
No current Naming Context
select operation target: list sites
Found 2 site(s)
0 - CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
1 - CN=AD-001,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
select operation target: select sit 0
Site - CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
Domain - DC=azure365pro,DC=com
No current server
No current Naming Context
select operation target: list servers in site
Found 3 server(s)
0 - CN=AZURE365PRO-DEADDC,CN=Servers,CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
1 - CN=AZURE365PRO-DC03,CN=Servers,CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
2 - CN=AZURE365PRO-LIVEDC,CN=Servers,CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
select operation target: select server 0
Site - CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro,DC=com
Domain - DC=azure365pro,DC=com
Server - CN=AZURE365PRO-DEADDC,CN=Servers,CN=AD-000,CN=Sites,CN=Configuration,DC=azure365pro
,DC=com
DSA object - CN=NTDS Settings,CN=AZURE365PRO-DEADDC,CN=Servers,CN=AD-000,CN=
Sites,CN=Configuration,DC=azure365pro,DC=com
DNS host name - AZURE365PRO-DEADDC.azure365pro.com
Computer object - CN=AZURE365PRO-DEADDC,OU=Domain Controllers,DC=azure365pro,DC=com
No current Naming Context
select operation target: quit
metadata cleanup: remove selected server
Transferring / Seizing FSMO roles off the selected server.
DsRemoveDsServerW error 0x5(Access is denied.)
metadata cleanup:

Solution –

  • Make Sure all objects which you trying to remove  “Protect Object from Accidental deletion” is unchecked in Active Directory Sites and Services.

image

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

× How can I help you?