My home network has been running in its most recent form for around two years now. As you can imagine, in that time it has seen a large number of changes, with hardware dying and virtual servers coming and going.
There is therefore rather a lot of old data knocking around in AD!
One particular problem I found recently was when I looked at the list of authorised DHCP servers in the DHCP MMC snap-in. It shows an old server "DC2" which is long since dead.
However, when looking in AD, under the "CN=NetServices,CN=Services,CN=Configuration,DC=gaots,DC=co,DC=uk" branch, there was no mention of DC2. This was strange!!
To confirm the entry, I tried the command:
netsh dhcp show server
This also showed the old server.
To track down the offending entry, I began by posting on the Mark Minasi forums. Here is a link to the post:
http://web2.minasi.com/forum/topic.asp?TOPIC_ID=16882
This led me down the route of using LDP.exe to search the directory. Personally, I found this rather tricky and something which would require a little more study of LDAP syntax! Some articles to get you started are at:
http://support.microsoft.com/kb/255602/en-us
http://support.microsoft.com/kb/224543/en-us
Anyhow, I started thinking of another way to search. In the end I used LDIFDE to export the configuration partition of AD. The command I used was as follows:
ldifde -f c:\out2ad.ldf -d CN=Configuration,DC=Gaots,DC=co,DC=uk
This output all 4741 entries in the partition to the out2ad.ldf file on the C: drive.
Next I opened the file in Notepad and used the search function to search for "DC2".
This turned up the following object:
dn: CN=DhcpRoot,CN=NetServices,CN=Services,CN=Configuration,DC=gaots,DC=co,DC=uk
changetype: add
objectClass: top
objectClass: dHCPClass
cn: DhcpRoot
distinguishedName: CN=DhcpRoot,CN=NetServices,CN=Services,CN=Configuration,DC=gaots,DC=co,DC=uk
instanceType: 4
whenCreated: 20030118180051.0Z
whenChanged: 20050604125912.0Z
uSNCreated: 8226
uSNChanged: 8226
showInAdvancedViewOnly: TRUE
name: DhcpRoot
objectGUID: byMqK1mKH02svsUyn66oTw==
dhcpUniqueKey: 0
dhcpType: 0
dhcpFlags: 0
dhcpIdentification: This is a server
dhcpServers: i192.168.1.11$rcn=dc2.gaots.co.uk$f0x00000000$sdc2.gaots.co.uk$
objectCategory: CN=DHCP-Class,CN=Schema,CN=Configuration,DC=gaots,DC=co,DC=uk
So, it turns out that the entry is under the DHCPRoot object. Having discovered this, I had to decide what to do next.
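The Notepad search above can also be scripted. The following is an added example, not part of the original post: it parses an LDIF export, unfolds wrapped lines (LDIF allows long lines to be folded onto a continuation line starting with a space), decodes base64 (`::`) values, and reports the DN and attribute of every value that mentions the stale host. The function names and the second sample entry are constructed for illustration.

```python
import base64

def parse_ldif(text):
    """Return [(dn, [(attr, value), ...]), ...] from LDIF text."""
    lines = []
    for raw in text.splitlines():
        # A line starting with one space continues the previous line (LDIF folding).
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], []
    for line in lines + [""]:  # trailing blank line flushes the last entry
        if not line.strip():
            if current:
                # Assumption: the first attribute of each entry is its dn.
                entries.append((current[0][1], current))
                current = []
            continue
        attr, sep, rest = line.partition(":")
        if line.startswith("#") or not sep:
            continue
        if rest.startswith(":"):  # "attr:: value" means the value is base64
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        current.append((attr, value))
    return entries

def find_references(text, needle):
    """List (dn, attribute, value) for every value containing needle."""
    needle = needle.lower()
    return [(dn, attr, value)
            for dn, attrs in parse_ldif(text)
            for attr, value in attrs
            if needle in value.lower()]

# Constructed sample: the DhcpRoot entry from the export above (trimmed, with
# dhcpServers folded across two lines) plus a made-up second entry.
SAMPLE = """dn: CN=DhcpRoot,CN=NetServices,CN=Services,CN=Configuration,DC=gaots,DC=co,DC=uk
objectClass: dHCPClass
dhcpServers: i192.168.1.11$rcn=d
 c2.gaots.co.uk$f0x00000000$sdc2.gaots.co.uk$

dn: CN=Example,CN=Services,CN=Configuration,DC=gaots,DC=co,DC=uk
description:: """ + base64.b64encode(b"moved from DC2").decode() + "\n"

if __name__ == "__main__":
    for dn, attr, value in find_references(SAMPLE, "dc2"):
        print(f"{dn}\n  {attr}: {value}")
```

A plain text search can miss a hostname that is split by a folded line or stored base64-encoded, which is why the parser normalises both before matching.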
Obviously I want to get rid of the DC2 entry but how? First, I compared the DHCPRoot object with one in another domain. I found that it had one extra attribute: dhcpServers:
Having discovered this, I then opened ADSIEdit.msc and navigated to the DHCPRoot object. I cleared the attribute "dhcpServers" so that it showed as "Not Set" as on the test network I used to check as mentioned above.
I then closed down all the utilities I had open and opened up the DHCP MMC snap-in. On checking the Authorised servers list I found that the DC2 entry had gone!
Hope this helps someone. It was certainly interesting tracking it down and has pointed out to me that I need to spend a little time looking at LDP.exe and LDAP queries!
Cheers
Nathan