Cannot delete orphaned domain contorller

windows active-directory windows-server-2003
6,842

Solution 1

You want to go thru the Forcing the Removal of a Domain Controller procedure as specified by Microsoft. You can't just delete the old computer object and have things work properly.

You can't do the "dcpromo /forceremoval" portion because the old computer is already gone, so just ignore that part.

The only part you'll really need to do is the NTDS metadata cleanup portion of the procedure, so you might just skip to that.

Solution 2

Petri.co.il has excellent guides for this.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

http://www.petri.co.il/forcibly_removing_active_directoy_from_dc.htm

Solution 3

Remove the replication link for the server in AD sites and services. Problem fixed. Try deleting again.

Share:
6,842

Related videos on Youtube

areo
Author by

areo

Student in second year of Management Information System at New York Institute of Technology. 3.5 years as an IT Administrator supporting Microsoft based small business networks. MCSE certified.

Updated on September 17, 2022

Comments

  • areo
    areo over 1 year

    One of the main domain controllers harddisk failed so I had to replace it and reinstall Windows Server 2003 all over again from scratch. Luckily, I have another domain controller layer around.

    Now the problem is that I could join the domain because of "The specified user already exists". I went to AC Users and Computers on the other domain controller to delete the old computer name but I received "The object SER1 (or some of the objects it contains) cannot be deleted because: Access is denied" note that I logged in with a Enterprise admin privileges. This is really weird.

    Did some internet searching and found that I have to delete the old name using ADSI Edit (adsiedit.msc) but to no avail. I still get Access is denied.

    Kindly advice. I am really getting frustrated and I need to use the same old name on the server.

    Thanks in advance SZ

  • areo
    areo almost 15 years
    Thanks but the forcing removal did not work. I don't know what is the source if the problem here. I even tried running this vbs script microsoft.com/technet/scriptcenter/scripts/ad/domains/… and while it shows it's a successful process I still see the old domain controller
  • Spence
    Spence almost 15 years
    What do you mean by "the forcing removal did not work"? Are you receiving an error message when attempt to do the metadata cleanup from NTDSUTIL?
  • areo
    areo almost 15 years
    I didnt know how to use "metadata cleanup". Sorry if i miss informed you earlier.
  • jmservera
    jmservera over 11 years
    Can you add more explanation of how and why this fixes the problem.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I see all users of domain in this PC?
GPO refresh error - Policy Refresh has not completed in the expected time. Exiting
Error when adding to the domain : the specified server cannot perform the requested operation
How do I grant local administrator rights, but not Domain Administrator Rights?
Windows Cannot View Domain Location
Join Windows 2003 R2 guest to Windows 2012 R2 domain controller
Windows AD DNS: Event ID 5504
username.domain profile in AD environment
How do I rename a DFS root?
Directory Service is unable to allocate a relative identifier