Unable to Delete Active Directory Object

Whilst doing some tests on an Active Directory to do with permissions I removed all the permissions apart from SYSTEM. This proved what I wanted to prove, but I then could not delete the object or reset its permissions etc. to tidy up my test environment.

A search on the web for the problem returned one page and they had not solved it either. This was found here. Though they had deleted a user object and I had set permissions on an Exchange Server address list object I think the answer might be the same.

The problem in Exchange System Manager was "The specified directory service attribute or value does not exist" and "8007200a" when I tried to delete the object. Opening ADSI Edit would not let me delete the object (which appears as a notepad icon and not the folder icon it is supposed to be). Opening the object returns "An invalid directory pathname was passed" and deleting the object returns "This folder or one of its children has one or more property sheets up. Please close the property sheet before continuing with this action."

So taking the advice in the above link, and going a few steps further I managed to delete the object.

The key (in Windows Server 2003) is to use a command line tool called DSRM. This deletes active directory objects, but before it can be deleted the permissions need to be reset using another command line tool called DSACLS.

1. Determine the distinguished name of the object. This is easiest to do in ADSI Edit by opening the parent item and copying the value of the distinguishedName property.
2. Paste the copied distinguished name into Notepad and prepend to the text the name of the child object in the form of CN=child,distinguishedname.
3. On the command line enter DSACLS "Distinguished Name" /A. The quotes are needed if there are spaces within the distinguished name. This will display the current permissions on the object for your interest.
4. Repeat the above command but change the ending to /G Everyone:GA (remove the /A). This will grant full control to Everyone to this object. Remember that you are deleting this item so these permissions are temporary. This should be successful.
5. Finally you can delete the object using DSRM if the object is a leaf object, but if not a leaf object then DSRM distinguishedName -subtree. It might also be possible to use ADSI Edit or the valid Active Directory administration tool to delete the object if the permission fix has worked.

Dell Notebook System Software (NSS) Failure to Install

I recently had to rebuild a Dell Latitude D610 as it was not working properly on purchase. The reinstall instructions for Windows XP SP2 included installing the relevant Dell drivers from the Dell CD (or internet download if they were later versions). The Notebook System Software (NSS) always failed to install - it would crash upon starting the program.

After phoning Dell Technical Support to fix this problem, the answer was to run the software whilst in Windows XP Safe Mode. To get to this reboot your computer and press F8 just before the Windows logo appears (easiest thing to do is press F8 repeatedly as soon as the computer boots and you are sure to get the option for Safe Mode).

After installing it in Safe Mode you can reboot into normal Windows XP.