Archived from groups: microsoft.public.win2000.active_directory (
More info?)
.... that's the hope since I've not seen this precise behavior before.
--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l
skip wrote:
> no the trust is gone and the site is gone, i was very carfeull with
> this, its the exchange part that got screwed up, so i should be able
> to remove the phantom account from my exchagne enterprise admisn
> group now that i ran through the ldp steps?
>
> i wil ltrya nd remove again tommorow
>
> "skip" wrote:
>
>> Hi
>>
>> I followed the bewlo steps but when i run throgh the stpes all i
>> get back is
>>
>> ***Call Modify...
>> ldap_modify_s(ld, '(null)',[1] attrs);
>> Modified "".
>> -----------
>> ***Call Modify...
>> ldap_modify_s(ld, '(null)',[1] attrs);
>> Modified "".
>>
>> I have connected to the correct DC. My forest environment is 3
>> forests that all have two way external trust in place. My forest has
>> two trees and two domains.
>>
>> Example domainA.com and domainB.com domainA.com is the foerst root
>> domain, and domainB.com is in its own tree and seperate domain, both
>> domains have there own exchagne 2003 servers, and both exchagne
>> servers are part of the same admin and routing group.
>>
>> thanks for help, it will be a great day when i open up the
>> application log and dont have to look at errors that say" unwilling
>> to remove object"
>>
>> "Dean Wells [MVP]" wrote:
>>
>>> The tool you use isn't really of importance here, it's the
>>> interfaces the tool uses and whether it is able to provide a means
>>> of clearing up this stale phantom ... for the moment though, we'll
>>> stick with LDP. Please try the following -
>>>
>>> 1. run LDP
>>> 2. connect and BIND against an offending DC
>>> 3. Select Browse --> Modify
>>> 4. Set the DN to null (or nothing, nada, zip squat, empty)
>>> - I think I got that across ;o)
>>> 5. set the attribute to checkPhantoms
>>> 6. set the value to 1
>>> 7. click Enter
>>> 8. click run and note the results in the right pane to ensure
>>> success
>>> 9. remove the entry in the entry list
>>> 10. now set the attribute to doLinkCleanup
>>> 11. set the value to 1
>>> 12. click enter
>>> 13. click run and note the results in the right pane to ensure
>>> success
>>>
>>> I would also find it useful to have an understanding of your forest
>>> structure; # of domains, # of DCs, OS versions etc.
>>>
>>> Finally, have you removed the trust relationship to the old forest.
>>>
>>> --
>>> Dean Wells [MVP / Directory Services]
>>> MSEtechnology
>>> [[ Please respond to the Newsgroup only regarding posts ]]
>>> R e m o v e t h e m a s k t o s e n d e m a i l
>>>
>>> skip wrote:
>>>> This has been an issue ever sincethe domain and exchagne server
>>>> were removed manually. I followed a KB on how to remove a domain
>>>> and Exchange 2003 manually. The exchange 2003 and domain are part
>>>> of a forest that is no longer in service, there was a trust in
>>>> place for this forest and my production forest, and the exchange
>>>> server in question was originally isntalled in the same admin
>>>> group and routing group as my production exchagne org.
>>>>
>>>> Now this forest is no longer, and i am not getting any AD erorrs
>>>> in my production environment about this forest, but i do get the
>>>> error as previously noted before on my exchange server, it is
>>>> unwilling to remove object guid this object guid matches the guid
>>>> of the exchange domain servers of the exchagne server that was
>>>> manually removed, so i am thinking if i can use LDP to manually
>>>> remove this guid from AD then i will stop seeing these errors
>>>>
>>>> Skip
>>>>
>>>> "skip" wrote:
>>>>
>>>>> The object is listed as being a member of the exchange enterprise
>>>>> admins group. Thanks for the help i really appreciate it
>>>>>
>>>>> "skip" wrote:
>>>>>
>>>>>> Hi
>>>>>>
>>>>>> When i ran the command you originally gave me it listed the guid
>>>>>> in question as being in th Exchange enterprise admins group, so
>>>>>> when i ran ldp.exe and drilled down to the Exchagne enterprise
>>>>>> admins using LDP, I could see
>>>>>> ocsmail\0ADEL:9b760d2d-fecd-41ae-817f-7aae317f5a27,DC=com . I
>>>>>> want to remove this because this object belogs to an exchange
>>>>>> 2003 server and domain that was manually removed, and as you can
>>>>>> see not all attributes of the manuall uninstall were correctly
>>>>>> removed. Now in my production exchagne 2003 servers in the app
>>>>>> log i get errors that say "LDAP Modify on directory
>>>>>> nwpcascdc01.nwpsc.com for entry
>>>>>> '<GUID=607F86B5-7FBD-4CFF-A946-4D3518E45061>' was unsuccessful
>>>>>> with error:[0x35] Unwilling To Perform. DC=nwpsc,DC=comhello all
>>>>>>
>>>>>> Also ocsmail\0ADEL:9b760d2d-fecd-41ae-817f-7aae317f5a27,DC=com is
>>>>>> listed in my ADUC but i cant remvoe it, i cant even remove it
>>>>>> using ADSIEDIT.
>>>>>>
>>>>>> Thanks for any more help
>>>>>>
>>>>>>
>>>>>> "Dean Wells [MVP]" wrote:
>>>>>>
>>>>>>> The DNs you've posted make no sense, please try posting them
>>>>>>> again.
>>>>>>>
>>>>>>> --
>>>>>>> Dean Wells [MVP / Directory Services]
>>>>>>> MSEtechnology
>>>>>>> [[ Please respond to the Newsgroup only regarding posts ]]
>>>>>>> R e m o v e t h e m a s k t o s e n d e m a i l
>>>>>>>
>>>>>>> skip wrote:
>>>>>>>> hi thanks for the help
>>>>>>>>
>>>>>>>> I found the item in LDP that i want to delete, but i dont know
>>>>>>>> the proper
>>>>>>>> way to delete it. I want to delete
>>>>>>>> ocsmail\0ADEL:9b760d2d-fecd-41ae-817f-7aae317f5a27,DC=com
>>>>>>>>
>>>>>>>> Servers,CN=Users,DC=ocsmail\0ADEL:9b760d2d-fecd-41ae-817f-7aae317f5a27,DC=com;
>>>>>>>> CN=Exchange Domain Servers,CN=Users,DC=nwpco,DC=com;
>>>>>>>>
>>>>>>>> "Dean Wells [MVP]" wrote:
>>>>>>>>
>>>>>>>>> Sure, but it's easier to describe using the following
>>>>>>>>> single-lined equiv. LDIFDE syntax within a command prompt -
>>>>>>>>>
>>>>>>>>> ldifde -f con -d
>>>>>>>>> "<GUID=607F86B5-7FBD-4CFF-A946-4D3518E45061>" -p base -l 1.1
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Dean Wells [MVP / Directory Services]
>>>>>>>>> MSEtechnology
>>>>>>>>> [[ Please respond to the Newsgroup only regarding posts ]]
>>>>>>>>> R e m o v e t h e m a s k t o s e n d e m a i l
>>>>>>>>>
>>>>>>>>> skip wrote:
>>>>>>>>>> can i use ldp.exe to search for a guid
>>>>>>>>>> 607F86B5-7FBD-4CFF-A946-4D3518E45061 ?
>>>>>>>>>>
>>>>>>>>>> My exchagne 2003 server keeps giving me an error in the
>>>>>>>>>> application log
>>>>>>>>>> LDAP Modify on directory nwpcascdc01.nwpsc.com for entry
>>>>>>>>>> '<GUID=607F86B5-7FBD-4CFF-A946-4D3518E45061>' was
>>>>>>>>>> unsuccessful with error:[0x35] Unwilling To Perform.
>>>>>>>>>> DC=nwpsc,DC=comhello all
>>>>>>>>>> I think this guid may belong ot a user, but i dont know how
>>>>>>>>>> to search for the guid using LDP
>>>>>>>>>>
>>>>>>>>>> Many thanks for any help