How to remove Domain Controller after failed AD CA removal and failed DCPromo /Forceremoval
Posted on 2016-08-17
I'm trying to decommission an SBS2008 server, and have finished moving all data and services off of it (including uninstalling Exchange). However, when I tried to remove the AD Cert Authority role, I got an error about the cert store being corrupt. Since i can't remove that, I can't demote the DC even with /ForceRemoval. What should my next step be? I've read that you can run a metadata cleanup, but is that all I have to do? Turn the server off and run a metadata cleanup through ndtsutil? Or is there more to it? Any and all help is appreciated.