Solved

Orphaned 2008 R2 Domain Controller - Not showing in Sites and Services

Posted on 2014-09-17
8
449 Views
Last Modified: 2014-09-22
We have local IT at a business that likes to tweak things and have us clean them up afterwards.  That being said this is the issue we are having to clean up now.

A DC died and could not be gracefully removed.  So going through the Metadata cleanup as usual and I am having this issue.

The DC that I am trying to cleanup does not show in Sites and Services.  Most likely deleted from that console before the metadata cleanup was performed.  Now when trying to go through the Metadata cleanup, at the list servers in site step, the only server that shows in the other GC in that site.  The one I am needing to cleanup metadata for is not there.

I cannot find anywhere what to do from here.  I am well experienced in metadata cleanup, but have never come across this particular instance before.

Any ideas?
0
Comment
Question by:considerscs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 29

Assisted Solution

by:becraig
becraig earned 500 total points
ID: 40328160
I would probably just try using ntdsutil to see if any remnants actually exist in AD:
ntdsutil - metadata cleanup - remove selected server <ServerName>

If you get an error, then it simply means the object was already removed.



There is also a script from MS that can help to identify the objects you want gone and it does the heavy lifting:
http://gallery.technet.microsoft.com/scriptcenter/d31f091f-2642-4ede-9f97-0e1cc4d577f3

I have not actually tested the script though.
0
 
LVL 1

Author Comment

by:considerscs
ID: 40328173
Thats the problem, is inside of the ntdsutil, it does not show, but in Active Directory under Domain Controllers it is still listed and cannot be removed.

But on the type and site column in AD user and computers it does not show GC or the site.
0
 
LVL 29

Assisted Solution

by:becraig
becraig earned 500 total points
ID: 40328218
Here is a blog with some basic troubleshooting steps and info:
http://www.techrepublic.com/article/picking-up-the-pieces-after-a-failed-domain-controller-demotion/

We should at the very least see if "LIST SERVERS IN SITE" report the server you are having the issue with.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 29

Assisted Solution

by:becraig
becraig earned 500 total points
ID: 40328228
As a final step, I will drill down into the zone to ensure all the records for that server are gone.

It might take some time based on the size of the organization, but you want to be thorough in the clean up of the zones if all else fails.

There is probably some artifact hanging around and fooling the AD into thinking it still exists.
0
 
LVL 1

Accepted Solution

by:
considerscs earned 0 total points
ID: 40328290
I finally got it.  The server in AD was not showing the correct permissions for the domain admins group.  So once fixing that I was able to get it removed.  Like I said we have to clean up what is messed up.  So sometimes its a crap shoot until you find what they did.
0
 
LVL 29

Expert Comment

by:becraig
ID: 40328304
Great it got resolved, you should probably let them know to leave the AD maintenance up to you in order to avoid future hiccups :~)
0
 
LVL 1

Author Comment

by:considerscs
ID: 40328326
Im blue in the face on that one :)
0
 
LVL 1

Author Closing Comment

by:considerscs
ID: 40336170
How the issues was solved is in my comment - awarding all other comments points as they helped to troubleshoot.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question