Active Directory

Step-By-Step: Manually Removing A Domain Controller Server

Performing metadata cleanup in Active Directory involves removing traces of domain controllers that were not properly demoted or have become inaccessible. Here are the steps to manually removing A Domain Controller Server.

Removing metadata via Active Directory Users and Computers

  • Log in to DC server as Domain/Enterprise administrator and navigate to Server Manager > Tools > Active Directory Users and Computers
    dsa-msc-console

    • If you have identified replication partners in preparation for this procedure and if you are not connected to a replication partner of the removed domain controller whose metadata you are cleaning up, right-click Active Directory Users and Computers node, and then click Change Domain Controller. Click the name of the domain controller from which you want to remove the metadata, and then click OK.

    Change-Domain-Controller

    • Expand the domain of the domain controller that was forcibly removed, and then click Domain Controllers.

    Domain-Controllers

    • In the details pane, right-click the computer object of the domain controller whose metadata you want to clean up, and then click Delete.

    Delete-Domain-Controller

    • In the Active Directory Domain Services dialog box, confirm the name of the domain controller you wish to delete is shown, and click Yes to confirm the computer object deletion.

    Delete-Domain-Controller-Yes

    • In the Deleting Domain Controller dialog box, select This Domain Controller is permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO), and then click Delete.

    Click-On-Delete

    • If the domain controller is a global catalog server, in the Delete Domain Controller dialog box, click Yes to continue with the deletion.

    Click-on Yes-Global-Catalog

    • If the domain controller currently holds one or more operations master roles, click OK to move the role or roles to the domain controller that is shown. You cannot change this domain controller. If you want to move the role to a different domain controller, you must move the role after you complete the server metadata cleanup procedure.

    DC-Removed-from-DSA-MSC

    Clean up server metadata using Active Directory Sites and Services

    • Open Active Directory Sites and Services.

    Site-and-services

    • If you have identified replication partners in preparation for this procedure and if you are not connected to a replication partner of the removed domain controller whose metadata you are cleaning up, right-click Active Directory Sites and Services, and then click Change Domain Controller. Click the name of the domain controller from which you want to remove the metadata, and then click OK.

    Change-Domain-Controller-Sites-and-Services

    • Expand the site of the domain controller that was forcibly removed, expand Servers.

    Expend-Site-DC

    • expand the name of the domain controller, right-click the NTDS Settings object, and then click Delete.

    Select-domain-controller-NTDS-Setting

    • In the Active Directory Sites and Services dialog box, click Yes to confirm the NTDS Settings deletion.

    NTDS-Setting-Delete

    • In the Deleting Domain Controller dialog box, select This Domain Controller is permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO), and then click Delete.

    • If the domain controller is a global catalog server, in the Delete Domain Controller dialog box, click Yes to continue with the deletion.

    GC-Click-on-Yes

    • If the domain controller currently holds one or more operations master roles, click OK to move the role or roles to the domain controller that is shown.

    Right-click the domain controller that was forcibly removed, and then click Delete.

    • In the Active Directory Domain Services dialog box, click Yes to confirm the domain controller deletion.

      'Deleted-DC-from-Sites-and-Services

So, that’s all in this blog. I will meet you soon with next stuff. Have a nice day!!!

Guys please don’t forget to like and share the post. Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them.

You can also share the feedback on below windows techno email id.

If you have any questions, feel free to contact us onadmin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.

How useful was this post?

Click on a star to rate it!

As you found this post useful...

Follow us on social media!

Was this article helpful?
YesNo

Vipan Kumar

He is an Active Directory Engineer. He has been working in IT industry for more than 10 years. He is dedicated and enthusiastic information technology expert who always ready to resolve any technical problem. If you guys need any further help on subject matters, feel free to contact us on admin@windowstechno.com Please subscribe our Facebook page as well website for latest article. https://www.facebook.com/windowstechno

Leave a Reply

Back to top button