Active Directory cleaning after role seizure

Hi everyone,

I had a network with the 2 DC's below.

DC 1: Windows Server 2003, holder of all FSMOs.
DC 2: Windows Server 2008.

DC1 died, and it was not possible to recover.  I seized all roles on DC2, and the domain is working just fine.

My question...

I need to clean up the AD by removing all references to DC1.  As DC1 is forever a memory, what is the best (and complete) way to do this?

I know that this will most likely involve ADSI.  If so, please be as specific as possible.

Many, many thanks!

Who is Participating?
Mike KlineConnect With a Mentor Commented:
It used to involve ntdsutil  (you can still use that method)  but in 2008 it gets easier because a lot of it is through the GUI

when this is done and you are ready try and get another DC up as soon as you can.   This example is perfect for illustrating why 2 DCs is always key.


Alan HardistyConnect With a Mentor Co-OwnerCommented:
The best way to do this is using ntdsutil and the correct steps are outlined in the following link:
The server might not be coming back, but unless you wait till tombstone period the setup a second dc as recommended, the dc1 can be reused for the replacement server.
barronfrakerAuthor Commented:
alanhardisty and  mkline71,

Both your posts were helpful.  The GUI-based approach made this last a lot less longer than I had expected, but true to form, Microsoft's solution was incomplete.  Alan's Petri link filled in the blanks (like cleaning out DNS), so now everything is running smoothly.

Thanks to you both!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.