none
dead DC

    Question

  • I have ADDS forest with 3 child Domains. Forest and Domain funtional Level 2008 R2

    In one child Domain I have a dead DC.  I delete this DC in AD Sites and Services succesfully, but the Computer object still exist in AD Users and Computers. When I try to delete in ADUC I get a message 'Confirm subtree deletion', there is still a object 'NTFRS Subcriptions' and 'Domain System Volume (Sysvol share)'. I use ntdsutil to clean up metadata, but can not find anything.

    regards Reinhard

    Friday, March 10, 2017 2:34 PM

Answers

  • You should perform metadata cleanup for this orphaned dc;

    Metadata cleanup; https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

    Also check these;

    https://support.microsoft.com/en-us/help/555846

    http://blogs.msmvps.com/acefekay/2010/10/04/complete-step-by-step-to-remove-an-orphaned-domain-controller/


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Proposed as answer by Todd Heron Friday, March 10, 2017 5:07 PM
    • Marked as answer by Reinhard Gruener Wednesday, March 15, 2017 8:46 AM
    Friday, March 10, 2017 2:40 PM
  • Hi

     check this article to remove with adsiedit.(also compare with your steps),

    https://support.microsoft.com/en-us/help/555846

    Also Remove old DNS and WINS records of the orphaned Domain Controller.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Monday, March 13, 2017 1:05 PM

All replies

  • You should perform metadata cleanup for this orphaned dc;

    Metadata cleanup; https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

    Also check these;

    https://support.microsoft.com/en-us/help/555846

    http://blogs.msmvps.com/acefekay/2010/10/04/complete-step-by-step-to-remove-an-orphaned-domain-controller/


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Proposed as answer by Todd Heron Friday, March 10, 2017 5:07 PM
    • Marked as answer by Reinhard Gruener Wednesday, March 15, 2017 8:46 AM
    Friday, March 10, 2017 2:40 PM
  • Hi Reinhard,
    >>I use ntdsutil to clean up metadata, but can not find anything.
    Burak has provided lots of useful suggestions for this.
    Besides, i want to give a little supplement: Before demoting the DC, ensuring that none dirty data has been replicated to other DCs. After DC is demoted, on other DCs you could manually sync the data again or waiting for the next time sync time that AD matches the default time.
    For this old DC,you could making it as a fileserver or storage device by re-installing the OS.
    If you need more assistance, please feel free to ask here.
    Best regards,
    Andy


    Monday, March 13, 2017 3:37 AM
    Moderator
  • Thank's for the reply.

    I already use ntdsutil to do metadata cleanup. But ntdsutil tell me that this DC doesn't exist.

    When I have a look with ADSI edit in Default NC, DC=xxxx, DC=yyy, OU=Domain Controllers, I see this DC with child CN=NTFRS Subscriptions

    When I look in Default NC, DC=xxxx, DC=yyy, CN=System, CN=File Replication Service, CN=Domain System Volume (Sysvol share) I don't see this DC

    best regards, Reinhard

    Monday, March 13, 2017 12:44 PM
  • Hi

     check this article to remove with adsiedit.(also compare with your steps),

    https://support.microsoft.com/en-us/help/555846

    Also Remove old DNS and WINS records of the orphaned Domain Controller.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Monday, March 13, 2017 1:05 PM
  • Thank you for the helpfull links.

    regards Reinhard

    Wednesday, March 15, 2017 8:47 AM