In our previous topics we discussed How to Install Windows Server 2016 Technical Preview and The best new features in Windows Server 2016. Today we will look at: Remove Failed/Offline Domain Controllers from Active Directory Manually
In an Active Directory infrastructure, if you want to remove a Domain Controller (DC) server, the proper way is to run DCPROMO and remove it.
But there are situations, such as a server crash or a failure of the dcpromo option, that force you to remove the DC from the system manually (for example, when even the recovery or repair options don't work).
How can we do it? The option is to clean up the server metadata.
- Metadata cleanup is a required procedure after a forced removal of Active Directory Domain Services (AD DS).
- You perform metadata cleanup on a domain controller in the domain of the domain controller that you forcibly removed.
- Metadata cleanup removes data from AD DS that identifies a domain controller to the replication system.
- Metadata cleanup also removes File Replication Service (FRS) and Distributed File System (DFS) Replication connections and attempts to transfer or seize any operations master (also known as flexible single master operations or FSMO) roles that the retired domain controller holds.
Let’s see how we can do it in steps.
Clean up Metadata using Active Directory Users and Computers
1. Log in to a DC server as a Domain or Enterprise administrator.
2. Go to Server Manager > Tools > Active Directory Users and Computers.
3. Expand the Domain > Domain Controllers.
4. Right-click the DC server that needs to be removed manually and click Delete.
5. In the next dialog box, click Yes to confirm.
6. In the next dialog box, select This Domain Controller is permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO) and click Delete.
7. If the domain controller is a global catalog server, click Yes in the next window to continue with the deletion.
8. If the domain controller currently holds one or more operations master roles, click OK to move the role or roles to the domain controller that is shown.
Note: You cannot change this domain controller. If you want to move the role to a different domain controller, you must move the role after you complete the server metadata cleanup procedure.
Clean up the DC server from the Active Directory Sites and Services
1. Go to Server Manager > Tools > Active Directory Sites and Services.
2. Expand Sites and go to the server that needs to be removed.
3. Right-click it and click Delete.
4. In the next window, click Yes to confirm.
Clean up metadata using ntdsutil
1. Right-click Start > Command Prompt (Run as administrator).
2. Type ntdsutil and press Enter.
3. Then type metadata cleanup and press Enter.
4. Then type remove selected server <servername>, replacing <servername> with the DC server to remove.
5. In the warning window, click Yes to proceed.
You have removed the metadata of the broken/failed Domain Controller from your domain!
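To confirm that the cleanup described above left nothing behind, the following read-only PowerShell check (an added example, not part of the original article) looks for the objects that metadata cleanup is supposed to remove: the computer account, the server and NTDS Settings objects under Sites, replication connections, and operations master roles. It assumes the ActiveDirectory module (RSAT) is installed, and DC02 is a placeholder for the removed server's name.

```powershell
# Added example: read-only check for leftover references to a removed DC.
# Assumes the ActiveDirectory module (RSAT); 'DC02' is a placeholder name.
Import-Module ActiveDirectory

$RemovedDC = 'DC02'
$domain    = Get-ADDomain
$forest    = Get-ADForest
$sitesDN   = "CN=Sites,$((Get-ADRootDSE).configurationNamingContext)"

# Computer account left in the Domain Controllers OU
$computer = @(Get-ADComputer -Filter "Name -eq '$RemovedDC'" `
    -SearchBase $domain.DomainControllersContainer)

# Server object left under Sites (what Sites and Services displays)
$server = @(Get-ADObject -SearchBase $sitesDN `
    -Filter "objectClass -eq 'server' -and Name -eq '$RemovedDC'")

# NTDS Settings object below that server object, if any
$ntdsa = @($server | ForEach-Object {
    Get-ADObject -SearchBase $_.DistinguishedName -Filter "objectClass -eq 'nTDSDSA'"
})

# Replication connection objects on other DCs that still pull from the removed DC
$connections = @(Get-ADObject -SearchBase $sitesDN `
    -Filter "objectClass -eq 'nTDSConnection'" -Properties fromServer |
    Where-Object { $_.fromServer -like "*,CN=$RemovedDC,CN=Servers,*" })

# Operations master (FSMO) roles still assigned to the removed DC
$roles = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}
$staleRoles = @($roles.GetEnumerator() | Where-Object { $_.Value -like "$RemovedDC.*" })

$report = [pscustomobject]@{
    ComputerAccounts    = $computer.Count
    SiteServerObjects   = $server.Count
    NtdsSettingsObjects = $ntdsa.Count
    StaleConnections    = $connections.Count
    RolesOnRemovedDC    = ($staleRoles.Key -join ', ')
}
$report | Format-List

$leftovers = $computer.Count + $server.Count + $ntdsa.Count + $connections.Count + $staleRoles.Count
if ($leftovers -gt 0) {
    Write-Warning "References to $RemovedDC remain; metadata cleanup is incomplete."
}
```

All counts should be 0 and RolesOnRemovedDC should be empty once the cleanup is complete.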