Cannot remove DC from Network

Hey guys,

We have a DC in one of our Hyper-V VM environments that has a lot of problems.  It appears that system files have been corrupted.  I ran sfc /scannow and it didn't resolve the issue.  MMC snap-ins don't load and other stuff doesn't function properly.

So we went ahead and decided to create a new DC and moved all the FSMO roles to the new DC.  However when I try to remove the old DC using dcpromo /forceremoval I receive the error below.  I haven't really found any articles that were very helpful.  If anyone can shed some light on what's going on here I'd greatly appreciate it.  Thanks!

 dcpromo.PNG
emag50Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Does the new DC reflect no issues with dcdiag?
Power off the failed DC and make sure the remaining DC is functional. Use ntdsutils on the new DC to make sure it has all the roles.
Ntdsutil can be used to seize tge roles meaning the old DC must not be put back on the network in its old state if seizure is done.

If you do seize, make sure it is done after all the data files needed have been transferred.
Brian MurphyIT ArchitectCommented:
Forest or Child domain?

Schema master?
Rakesh KapoorCommented:
As per your comments I assume that you have already moved all the FSMO roles, however if you have not moved, follow the article and move all the FSMo roles to new DC. Use Seize if graceful move is not working.

http://www.itingredients.com/what-is-fsmo-roles-flexible-single-master-operations/

If you are facing an issue while doing DCPROMO /Forceremoval then you can reinstall OS. In both the scenarios you need to perform metadata cleanup to remove all the references of old domain controller from new domain controller.
Lee W, MVPTechnology and Business Process AdvisorCommented:
As others are suggesting (but to summarize):

Turn off the failing DC and remove it physically (backup and delete the VM), then delete the DC from AD - this is automatic in newer versions of Server when you delete the DC in the Domain Controllers OU, but if you have an older version, you follow the directions for Metadata Cleanup.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Will SzymkowskiSenior Solution ArchitectCommented:
Althgouth this is done automatically it is always a good idea to use NTDSUtil to ensure that the objects were removed, Never assume.

Other things that were not mentioned are the following...
- check sites and services (if there are any objects referencing the failed DC delete them)
- make sure that you setup the new DC with an external time source (PDC)
- open DNS management and expand the _msdcs.domain.com folder and check all of the sub folders and make sure that there are no entries pointing to this DC, if there are, delete them

Also run netdom query fsmo and netdom query dc


Will.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.