question

raja-0738 avatar image
0 Votes"
raja-0738 asked DSPatrick commented

How to remove failed Domain Controller

Hello,

We have couple of Windows Server 2008 R2 Domain Controller in my Domain, out of which one DC is failed & we unable to bring it back to the network.

I came to know some articles where it has been stated to delete the DC object directly from ADUC & ADSS. I just want to understand what are the right steps to follow so we can remove the failed DC with no metadata footprint.

Thanks.

windows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

yagmoth555 avatar image
0 Votes"
yagmoth555 answered DSPatrick edited

Hi

Make sure that DC is offline, and will stay offline first.

After that you can delete the computer account from the ADUC's console, it will prompt you a message, that if you forcelly remove it, say yes. It will remove reference to it from ntdsutil.

You will need to clean the DNS's zone afterhand, as some entry might still reference it.

Make sure your DHCP no longer give that DC IP.

Except that, it should be clean after.

Thanks

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If I delete the DC object from AD users-computers & AD site-Services, I don't need to do the metadata cleanup from NTDSUTIL, right? (as we are having Windows Server 2008 DC)

0 Votes 0 ·

These operations are one and the same.

--please don't forget to upvote and Accept as answer if the reply is helpful--



0 Votes 0 ·

One more question, Do I need to first seize the FSMO roles owned by this failed DC before deleting the failed DC object from ADUC & ADS&S or Do the deletion of failed DC object directly from ADUC-ADS&S console will transfer the roles hold by that failed DC to available DC?

0 Votes 0 ·
Show more comments
DSPatrick avatar image
0 Votes"
DSPatrick answered DSPatrick commented
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--



0 Votes 0 ·
LimitlessTechnology-2700 avatar image
0 Votes"
LimitlessTechnology-2700 answered

Hello Raj A,

This step-by-step guide will help you achieve it completely:

https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564

Hope this answers your query,
Best regards,

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.