manually remove DC server from AD

G

Guest

Had a DC server removed, didn't do dcpromo on it (didn't know that then).
How can I remove it from AD and the domain/forest? It it no longer in the
forest. Thanks
 
H

Herb Martin

Brian said:
Had a DC server removed, didn't do dcpromo on it (didn't know that then).
How can I remove it from AD and the domain/forest? It it no longer in the
forest. Thanks
Click to expand...

NTDS metadata cleanup

Search Google for:

[ NTDS "metadata cleanup" remove DC Domain ]

No need to add either site:microsoft.com OR microsoft:
since the NTDS and other terms make it Microsoft specific
by itself.

Unless you WISH to restrict answers to the site:microsoft.com
for some reason.

[ NTDS "metadata cleanup" remove DC Domain site:microsoft.com ]

Key points to NOTE when doing the metadata cleanup:

You CONNECT to a WORKING DC.
You SELECT the missing/dead DC or DOMAIN

'Connect' and 'Select' are technical terms in this context.
 
C

Cary Shultz [A.D. MVP]

Brian,

As the two others ( Howdy, guys! ) have mentioned, you need to do a MetaData
Cleanup. This is necessary because the Domain Controller in question was
not properly removed. Although it is physically missing, AD thinks ( well,
to a point ) that it is still there. If you do a repadmin /showreps you
will notice that there are objects to / from this DC with a DEL: before it.
So, you will have a lot of replication related errors. Amongst others!

Follow the link that Yor gave you. And, as Herb mentioned, you will need to
connect to an existing Domain Controller when using ntdsutil and then select
the Domain Controller that was incorrectly removed. This is a common error
that people make. They try to connect - or bind - to the Domain Controller
that they are trying to remove. You will get an error a few steps later.
Although it is clearly stated in the MSKB Article I guess that most people
overlook this.

--
Cary W. Shultz
Roanoke, VA 24014
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com
 
H

Herb Martin

that people make. They try to connect - or bind - to the Domain
Controller
that they are trying to remove. You will get an error a few steps later.
Although it is clearly stated in the MSKB Article I guess that most people
overlook this.
Click to expand...

The problem is the linguistic (both sound and meaning)
between Select and Connect -- when a newcomer to
NTDSUtil is reading the docs for the first time it isn't
clear that that small linguistic difference is KEY.

Thus sentences like this make perfect sense:
"I selected the first DC in the domain with AD Users/Computers
to do the update." "So I connected to it."

But. as you say, if you try to Connect to a dead DC
it is very disappointing.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remove orphaned Win2K DC from AD 2
upgrade 2000 DC to 2003 R2 DC 2
root forest AD DC crashed 10
Rebuilt forest root DC, now got repl errors, SIDs? 2
Successful Remove Additional DC 3
Win2K DC AD Problem 7
Directory object not found during dcpromo 3
Dcpromo down 1

Top