Microsoft KB Archive/318698

= Error Message: DSA Object Cannot Be Deleted =

Article ID: 318698

Article Last Modified on 10/31/2006

-

APPLIES TO


 * Microsoft Windows 2000 Service Pack 1
 * Microsoft Windows 2000 Service Pack 2

-



This article was previously published under Q318698



SYMPTOMS
When you try to delete an orphaned NTDS Settings from Active Directory Sites and Services, you may receive the following error message:

DSA object cannot be deleted.

Note that only one NTDS Settings ordinarily exists under each server in the Servers folder in Active Directory Sites and Services. If two NTDS Settings are shown, the one that does not have connection objects associated with it (in the right pane) is probably the orphaned NTDS Settings.



CAUSE
The Dcpromo.exe demotion process must delete NTDS Settings from a server. However, the Dcpromo.exe process may not delete NTDS Settings even if connection objects are deleted. If you have multiple domain controllers, the Active Directory replication process may not delete NTDS Settings from this domain controller.



RESOLUTION
To work around this problem, complete the following procedure on a domain controller that has an orphaned NTDS Settings:
 * 1) Start ADSI Edit, and then expand the following branches:
 * 2) * Configuration NC
 * 3) * CN=Configuration,DC=domain, DC=com
 * 4) * CN=Sites
 * 5) * CN= 
 * 6) * CN=Servers
 * 7) Locate the server that has an orphaned NTDS Settings. Right-click the orphaned NTDS Settings, and then click Delete.
 * 8) If you have multiple domain controllers, make sure that this change is replicated to all domain controllers.

An orphaned NTDS Settings object may also be found in the LostAndFoundConfig Container under the Configuration Container in ADSI Edit. You can use the analogous procedure to delete this object. To do this:
 * 1) Start ADSI Edit, and then expand the following branches:
 * 2) * Configuration NC
 * 3) * CN=Configuration,DC=domain, DC=com
 * 4) * CN=LostAndFoundConfig
 * 5) Right-click the orphaned NTDS Settings object, and then click Delete. Make sure that the related server object does not exist before deleting the NTDS Settings object.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.



MORE INFORMATION
ADSIEDIT is part of the Windows 2000 Support Tools.

Keywords: kberrmsg kbprb KB318698

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.