PENDING SCCM VM CRASH SINCE CYBER ATTACK HOW DEMOTE OLD TO INSTALL NEW

[PASCAL JOURDAN]

Hi Guys
We having a pb after a cyber attack on our instrastructure .
SCCM SERVER 2019 WINDOWS VM WAS CRYPTED AND DEAD . I WANT TO KNOW HOW DEMOTE OLDER AND ALL REGISTRED FILE ON ACTIVE DIRECTORY TO INSTALL NEW SERVER SCCM.
REGARDS

 

[Prajwal Desai]

Hi Pascal, What is this "pb" in your question?. If the attacker has encrypted the ConfigMgr Server along with other VMs, i think you must first disconnect it from network as there are chances that the malware can spread to other machines.

If you are talking about files from System Management container, you can leave them as it as and setup ConfigMgr with new site code. If the older ConfigMgr setup doesn't exist at all, you can delete the files from System Management container. You don't have to extend the AD schema again.

 

[PASCAL JOURDAN]

Hi Prajwal,
Tks for your answer .
Cyber attack encrypted all VM but our Active Directory is ok right.
We have set a new infrastructure with old Active Directory but the old entry SCCM block us to install a new server SCCM .

ConfigMgr setup doesn't exist at all, you can delete the files from System Management container.
Can you give me more precision to deleted old entry ?
You tell me that i can do that on AD ?
from System Management container ?
Tks
Pascal

 

[PASCAL JOURDAN]

Have to deleted the container or all file on it ?