I'm trying to delete a domain controller server that hasn't existed in a decade (the server itself is long dead).
I tried to delete the machine from the list of Domain Controllers by deleting the machine from the Domain Controllers node in Active Directory Users and Computers:
But it gives an error:
Of course it's not operational.
So now what?
netdom.exe
Does
netdom query fsmoshow good owners for each role?
>netdom query fsmo
Schema master dc2.serverfault.com
Domain naming master epstein.serverfault.com
PDC dc3.serverfault.com
RID pool manager dc3.serverfault.com
Infrastructure master dc3.serverfault.com
Active Directory Sites and Services (dssite.msc)
Trying to delete the server using Active Directory Sites and Services (dssite.msc) gives the error saying don't do it:
Active Directory Domain Services
Do not delete the EPSTEIN container object. EPSTEIN contains objects representing Domain Controller EPSTEIN and possibly other DCs. To delete these objects, demote the DCs using the Active Directory Domain Services Installation Wizard (DCPROMO). If the DCs represented by these objects are permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO), you must delete them one at a time.
(emphasis mine)
Of course it doesn't say what to delete one at a time, where to delete it, or how to delete it.
Active Directory Domains and Trusts
Trying to use Active Directory Domains and Trusts tool:
- right click the Active Directory Domains and Trusts [ dc3.serverfault.com ] node
- click Operations Manager
And you are presented with a dialog:
The domain naming operations master ensures that domain names are unique. Only one Active Directory Domain Controller in the enterprise performs this role.
Domain naming operations master:
epstein.serverfault.comTo transfer the domain naming master role to the following computer, click Change.
dc3.serverfault.com
The transfer of the operations master role cannot be performed because:
The requested FSMO operation failed. The current FSMO holder could not be contacted.
I didn't ask you if you could contact it; i told you to fix it!
I just love this cargo-cult randomly-try-things approach. It's much better than Microsoft having a user-interface that does it. Or documentation.
Bonus Reading
- Microsoft TechCommunity: Step-By-Step: Manually Removing A Domain Controller Server
- How to properly and completely remove a Windows domain controller?
- How to remove orphaned Domain Controller's DNS records?
- Domain controller failed on domain, how do I remove it?
- Domain Controller etiquette after a crash between Server 2003 & Server 2008
- How to demote a Domain Controller (DC) in Windows Server 2012 Active Directory Domain Services (AD DS)
