utilman to CMD - no utilman.exe if booting from Win 2025??
Mike Leone
Mike. Leone, <mailto:tur...@mike-leone.com>
PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos>
Wright, John M
Utilman.exe is at c:\windows\system32. You can rename it to utilman.exe.bak, then copy cmd.exe to utilman.exe.
--
John Wright
IT Support Specialist
1800 Old Bluegrass Avenue, Louisville, KY 40215
Please submit IT requests to Hazelwoo...@bluegrass.org
24 Hour Helpline 1.800.928.8000
CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Mike Leone
Sent: Thursday, July 3, 2025 10:25 AM
To: NTSysAdmin <ntsys...@googlegroups.com>
Subject: [ntsysadmin] utilman to CMD - no utilman.exe if booting from Win 2025??
|
EXTERNAL EMAIL - This email was sent by a person from outside your organization. Exercise caution when clicking links, opening attachments or taking further action, before validating its authenticity. |
--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
ntsysadmin+...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/ntsysadmin/CAHBr%2B%2BicZ1Sq0bN1FcpL0GRZ-fqvjKoCis91mdiu9SC9a1FJuw%40mail.gmail.com.
Mike Leone
Utilman.exe is at c:\windows\system32. You can rename it to utilman.exe.bak, then copy cmd.exe to utilman.exe.
Philip Elder
Does the DC hold any FSMO Roles?
If not, trash it.
Use AD Sites to delete it, delete its object in ADUC, and then clean up references to it in DNS (A, AD). Make sure to go through absolutely ALL folders in DNS to remove references to it’s DNS A record and GUID record. DNS is the one place Microsoft has consistently missed the mark on AD DC clean-up.
So long as the Forest/Domain levels are 2016 (IIRC) using Sites should clean-up the metadata nicely. You can use NTDSUtil if not sure.
Install a fresh OS, Role, and DCPromo.
If it holds the FSMO Roles then do a Seize on one of the other DCs. Make sure that replicates to ALL DCs before running DCPromo on the newly stood up OS.
Once this one is rebuilt you can gracefully transfer the FSMO Roles back.
From an elevated PoSh:
# Check FSMO
Get-ADForest | Format-Table SchemaMaster,DomainNamingMaster
Get-ADDomain | Format-Table PDCEmulator,RIDMaster,InfrastructureMaster
Need to move them gracefully?
# Transfer and Check
$DestinationDC = "NewDCName"
Move-ADDirectoryServerOperationMasterRole -Identity $DestinationDC -OperationMasterRole 0,1,2,3,4 -confirm:$false
Get-ADForest | Format-Table SchemaMaster,DomainNamingMaster
Get-ADDomain | Format-Table PDCEmulator,RIDMaster,InfrastructureMaster
Need to seize them because the PDCe died?
# Seize FSMO Roles
$DestinationDC = "NewDCName"
Move-ADDirectoryServerOperationMasterRole -Identity $DestinationDC -OperationMasterRole 0,1,2,3,4 -Force -confirm:$False
Get-ADForest | Format-Table SchemaMaster,DomainNamingMaster
Get-ADDomain | Format-Table PDCEmulator,RIDMaster,InfrastructureMaster
Oh, and if the dead DC was your time holder, which means also the PDCe then make sure to set it back up:
REM PDCe USA
w32tm /config /syncfromflags:manual "/manualpeerlist:0.us.pool.ntp.org,0x1 1.us.pool.ntp.org,0x1 2.us.pool.ntp.org,0x1 3.us.pool.ntp.org,0x1" /reliable:yes
w32tm /config /update
net stop w32time && net start w32time
w32tm /resync /force
w32tm /query /source
W32tm /query /status /verbose
*Make sure Time Sync with the host is DISABLED for all VMs in a domain.
Philip Elder MCTS
Senior Technical Architect
Microsoft High Availability MVP
MPECS Inc.
E-mail: Phili...@mpecsinc.ca
Phone: +1 (780) 458-2028
Web: www.mpecsinc.com
Blog: blog.mpecsinc.com
Twitter: Twitter.com/MPECSInc
Teams: Phili...@MPECSInc.Cloud
Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Mike Leone
Sent: Thursday, July 3, 2025 08:25
To: NTSysAdmin <ntsys...@googlegroups.com>
Subject: [ntsysadmin] utilman to CMD - no utilman.exe if booting from Win 2025??
I am trying to fix my broken DC (although at this point, I'm suspecting it might be a lost cause, and I may have to rip it out by the roots using ntdsutil ...).
--
Mike Leone
Does the DC hold any FSMO Roles?
If not, trash it.
Use AD Sites to delete it, delete its object in ADUC, and then clean up references to it in DNS (A, AD). Make sure to go through absolutely ALL folders in DNS to remove references to it’s DNS A record and GUID record. DNS is the one place Microsoft has consistently missed the mark on AD DC clean-up.
So long as the Forest/Domain levels are 2016 (IIRC) using Sites should clean-up the metadata nicely. You can use NTDSUtil if not sure.
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/86a128998ee74cdf96f6b7dca4e11ac8%40MPECSInc.Ca.