This article describes how an administrator can remove objects from Active Directory by using the Ldp.exe tool.
To delete objects from Active Directory, administrators can use the Ldp.exe tool, which is located in the Support\Tools folder on the Windows 2000 Server CD-ROM. To delete an object:
- Connect to one of the available domain controllers (DCs) in the domain using the default port number (389). In the Connect dialog box, type server.domain_name.com for the server name, where server is the name of one of your DCs, and domain_name is the domain name. Type 389 for the port number
- Bind to the domain by logging on as the administrator. In the Bind dialog box, type administrator for the user name, type the password for the Administrator account, and then type domain_name for the domain name. Note that if you bind using a user account other than the Administrator account, you cannot delete the object.
- On the Browse menu in Ldp.exe, click Delete to delete the orphaned object. In the Delete dialog box, type the distinguished name (DN) for the object you want to delete. For example, if you want to remove the "Remote Support" Organizational Unit object in the support.microsoft.com domain, type the following DN:OU=Remote Support, DC=support, DC=microsoft, DC=com
- Click to select the Synchronous check box, and then click OK.
Error: Delete: Not allowed on non-leaf. <66>Therefore, to delete a container object, you must delete all objects in the container.
Article ID: 244344 - Last Review: Mar 1, 2007 - Revision: 1