Solved

Remove Crashed Domain Controller from Domain

Posted on 2013-06-10
7
4,197 Views
Last Modified: 2013-06-14
Hello ,

I have a forest with 2 domains controllers. Windows 2008r2 .  Primary and secondary.

The secondary domain controller have crashed completely . It is a virtual machine and it has corrupt data.

So , any ideas how force remove the secondary domain controller to add a new one ?

Thanks
0
Comment
Question by:Anestis Psomas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 19

Accepted Solution

by:
Miguel Angel Perez Muñoz earned 167 total points
ID: 39235087
If your damaged domain controller boots and start try this command: dcpromo /forceremoval
If does not boot, delete damaged virtual machine and make a metadata cleanup of damaged dc: http://technet.microsoft.com/es-es/library/cc816907(v=ws.10).aspx

To add a new domain controller, simply setup and install a new server and run dcpromo from command line.
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 167 total points
ID: 39235088
If server is online you can run dcpromo force removal on Secondary Dc and then perfrom metadata cleanup.But if the server is offline and cannot be brought back then you need to just perfrom metadata cleanup.

Forcefull removal of DC: http://support.microsoft.com/kb/332199
Metadata cleanup: http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Complete Step by Step Guideline to Remove an Orphaned Domain controller (including seizing FSMOs, running a metadata cleanup, and more)
http://msmvps.com/blogs/acefekay/archive/2010/10/05/complete-step-by-step-to-remove-an-orphaned-domain-controller.aspx

Hope this helps
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 166 total points
ID: 39235091
Did the crashed DC hold any FSMO roles?   I'm assuming it did not.  You will have to cleanup the metadata from that dead box.   You just need to delete that box in ADUC from your good DC

http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

You can then build a new box and promote it.

Thanks

Mike
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 39235100
Forget to add one more thing. Check where are your FSMO roles: http://www.petri.co.il/determining_fsmo_role_holders.htm
If your FSMO roles are in damaged dc, you must to seize them: http://support.microsoft.com/kb/255504/
0
 
LVL 2

Expert Comment

by:babuse
ID: 39235104
If you can not boot the secondary DC, then you will have to manually remove the data from Active Directory.

Please check  
http://support.microsoft.com/kb/216498

 
Clean up server metadata
http://technet.microsoft.com/en-us/library/cc736378%28WS.10%29.aspx

Another good resource
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 39236797
Make sure your working DC is authoritative time source and in sync with external time source
Refer below article to achieve the same.

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
0
 

Author Comment

by:Anestis Psomas
ID: 39249240
Thanks all for your help,

with the guides you gave me i have managed to remove the failed DC.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question