Link to home
Start Free TrialLog in
Avatar of Jaime Campos
Jaime CamposFlag for United States of America

asked on

Clean Up Server Metadata

Hello - I have a DC that has become inaccessible and I need to remove it from my domain. I have already seized FSMO roles from this domain.

I have attempted to do the removal from CMD prompt.


To clean up server metadata by using Ntdsutil

--------------------------------------------------------------------------------



1.Open a command prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, provide Enterprise Admins credentials, if required, and then click Continue.


2.At the command prompt, type the following command, and then press ENTER:

ntdsutil


3.At the ntdsutil: prompt, type the following command, and then press ENTER:

metadata cleanup


4.At the metadata cleanup: prompt, type the following command, and then press ENTER:

remove selected server mydc2

I get this error message:

PS C:\Windows\system32> ntdsutil
C:\Windows\system32\ntdsutil.exe: metadata cleanup
metadata cleanup: remove selected server mydc2
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
LDAP error 0x22(34 (Invalid DN Syntax).
Ldap extended error message is 0000208F: NameErr: DSID-03100225, problem 2006 (BAD_NAME), data 8350, best match of:
        'CN=Ntds Settings,mydc2'

Win32 error returned is 0x208f(The object name has bad syntax.)
)
Unable to determine the domain hosted by the Active Directory Domain Controller (5). Please use the connection menu to s
pecify it.
metadata cleanup:
Avatar of Satish Auti
Satish Auti
Flag of India image

In connection hope you have connected to functional domain controller and not the failed domain.

https://www.petri.com/delete_failed_dcs_from_ad
Avatar of Jaime Campos

ASKER

Yes, I connected to production DC.
SOLUTION
Avatar of Satish Auti
Satish Auti
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Can you see the DC in Domain Controllers OU in AD Users and Computers. If not then ignore it and go ahead with DNS entries removal.
Yes it is listed within DC OU.
I have attempted to do the removal from CMD prompt.

did you attempt using the GUI tools cited in the article i shared with you before?

https://www.experts-exchange.com/questions/29042212/How-to-remove-data-in-Active-Directory-after-an-unsuccessful-domain-controller-demotion.html?anchorAnswerId=42204607#a42204607