Deleting Objects from Active Directory Using Ldp.exe


This article describes how an administrator can remove objects from Active Directory by using the Ldp.exe tool.

More Information

To delete objects from Active Directory, administrators can use the Ldp.exe tool, which is located in the Support\Tools folder on the Windows 2000 Server CD-ROM. To delete an object:

  1. Connect to one of the available domain controllers (DCs) in the domain using the default port number (389). In the Connect dialog box, type for the server name, where server is the name of one of your DCs, and domain_name is the domain name. Type 389 for the port number
  2. Bind to the domain by logging on as the administrator. In the Bind dialog box, type administrator for the user name, type the password for the Administrator account, and then type domain_name for the domain name. Note that if you bind using a user account other than the Administrator account, you cannot delete the object.
  3. On the Browse menu in Ldp.exe, click Delete to delete the orphaned object. In the Delete dialog box, type the distinguished name (DN) for the object you want to delete. For example, if you want to remove the "Remote Support" Organizational Unit object in the domain, type the following DN:
    OU=Remote Support, DC=support, DC=microsoft, DC=com
  4. Click to select the Synchronous check box, and then click OK.
NOTE: You can delete only "leaf" objects in this manner. If you attempt to delete an object that is not empty, you receive an error message similar to the following message:

Error: Delete: Not allowed on non-leaf. <66>
Therefore, to delete a container object, you must delete all objects in the container.

Article ID: 244344 - Last Review: Mar 1, 2007 - Revision: 1