Solved

Remove Failed Domain Controller

Posted on 2014-04-03
4
214 Views
Last Modified: 2014-05-06
Hi,

We need to remove a domain controller that we cannot demote. What do we do to clean up AD after pulling the plug? we are running Server 2008 R2 AD.

Thanks!
0
Comment
Question by:rookie_b
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 39975134
Hi,

1. Please run DCPROMO /FORCEREMOVAL
2. Perform metadata cleanup. (http://support.microsoft.com/kb/216498)
3. make sure that you dont have any object in ADUC, DNS and sites &services.
0
 

Author Comment

by:rookie_b
ID: 39975200
Thank you,

DCPROMO /Forceremoval - we cannot access the DC, so we can't run on it. Would the other two points be sufficient?
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39975213
yes,
0
 
LVL 17

Expert Comment

by:Premkumar Yogeswaran
ID: 39975335
Hi,
In this scenario, you can shutdown and do the metadata clean up..

Make sure the server wont come back online.. (Format and rebuild the server)

Check the below link for MDC (meta data cleanup)

http://support.microsoft.com/kb/216498
http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Regards,
Prem
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question