Saturday, April 29, 2023

How to Remove an orphaned Windows Domain

I recently had to remove a Domain Controller and a Child Domain from a Windows Forest because it was no longer needed by my client. I tried using the Server Manager GUI and kept running into error after error. So, I turned my focus to ntdsutil, which I have used many, many times in the past to solve this type of issue with orphaned DCs.

First, you must remove the orphaned DCs, and only then can you remove the orphaned domain. Both operations are metadata cleanup: they delete the directory objects that represent the DC and the domain and cannot be undone, so run them only for DCs that are permanently gone (a purged DC that is later powered back on must be rebuilt, never reconnected), and run them as a member of Enterprise Admins.

Process: locate the DC that holds the Domain Naming Master FSMO role by running

netdom query fsmo

and use that server for the ntdsutil metadata cleanup commands. Removing a domain requires the Domain Naming Master, so that DC must be online and must not be one of the DCs you are about to remove.

How to remove DC's manually

  1. Type ntdsutil

  2. Type metadata cleanup

  3. Type connections

  4. Type connect to server "servername". This is the name of the domain controller that holds the Domain Naming Master FSMO Role.

  5. Type quit. The Metadata Cleanup menu is then displayed.

  6. Type select operation target

  7. Type list sites. This displays a list of the sites in the forest, each with an associated number.

  8. Type select site "number". Important - Select the number of the site that contains the domain controller to be removed (the site, not the domain; the domain is selected in the next step).

  9. Type list domains in site, and then press Enter. A list of domains in the site is displayed, each with an associated number.

  10. Type select domain "number". Select the number associated with the domain to be removed.

  11. Type list servers for domain in site. A list of the domain controllers of the selected domain in the selected site is displayed, each with an associated number.

  12. Type select server "number". Select the number associated with the domain controller to be removed.

  13. Type quit. The Metadata Cleanup menu is then displayed.

  14. Type remove selected server. A confirmation dialog appears; click Yes, and you should then receive confirmation that the removal of the DC you selected was successful.

  15. Type quit at each menu

Repeat the steps above for any remaining or orphaned DCs of the child domain to be removed, until list servers for domain in site shows no DC of that domain in any site.
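Before walking the ntdsutil menus above, it is worth checking that the DC you are about to purge owns no FSMO role and that you have its exact server object, because ntdsutil will happily delete whatever you select. The following PowerShell is an added example, not code from the original post; it assumes the RSAT ActiveDirectory module, Enterprise Admins rights, and the placeholder names DC02 and child.contoso.com, which are constructed for illustration. It does not delete anything: it prints the server DN and the non-interactive equivalent of the menu walk for you to review and run by hand.

```powershell
# Added pre-flight check (example code, not from the original post) to run before
# the ntdsutil metadata cleanup steps above. Needs the RSAT ActiveDirectory module
# and Enterprise Admins rights. The names below are constructed placeholders.
Import-Module ActiveDirectory

$deadDc    = 'DC02'               # NetBIOS name of the orphaned DC to purge (placeholder)
$childFqdn = 'child.contoso.com'  # domain that DC belonged to (placeholder)

# 1. The server to 'connect to' in ntdsutil is the Domain Naming Master
#    (the PowerShell equivalent of 'netdom query fsmo').
$forest       = Get-ADForest
$namingMaster = $forest.DomainNamingMaster
Write-Host "Domain Naming Master: $namingMaster"

# 2. Refuse to continue if the DC we are about to purge still owns a FSMO role.
#    Forest roles are always readable; domain roles need a reachable DC of the
#    child domain, which will not exist if the whole domain is already dead.
$roles = @{
    'Schema Master'        = $forest.SchemaMaster
    'Domain Naming Master' = $forest.DomainNamingMaster
}
try {
    $dom = Get-ADDomain -Identity $childFqdn
    $roles['PDC Emulator']          = $dom.PDCEmulator
    $roles['RID Master']            = $dom.RIDMaster
    $roles['Infrastructure Master'] = $dom.InfrastructureMaster
} catch {
    Write-Warning "Cannot read domain FSMO owners for $childFqdn (no reachable DC); expected when the whole domain is being removed."
}
foreach ($role in $roles.GetEnumerator()) {
    if ($role.Value -like "$deadDc.*") {
        throw "$deadDc still owns the $($role.Key) role. Seize it to another DC (ntdsutil roles) before metadata cleanup."
    }
}

# 3. Locate the server object under CN=Sites; this is what 'list servers for
#    domain in site' enumerates, and its DN is what 'remove selected server' takes.
$configNc = (Get-ADRootDSE -Server $namingMaster).configurationNamingContext
$server   = Get-ADObject -Server $namingMaster -SearchBase "CN=Sites,$configNc" `
                -Filter { objectClass -eq 'server' -and name -eq $deadDc } -Properties dNSHostName
if (-not $server) { throw "No server object named $deadDc exists under CN=Sites; nothing to clean up." }

$ntds = Get-ADObject -Server $namingMaster -SearchBase $server.DistinguishedName `
            -SearchScope OneLevel -Filter { objectClass -eq 'nTDSDSA' }
if (-not $ntds) {
    Write-Warning "$deadDc has no NTDS Settings object; its DSA metadata is already gone, only the server object remains."
}

# 4. Emit the DN and the non-interactive form of the menu walk above. Review it,
#    then run it by hand; ntdsutil still pops a confirmation dialog before deleting.
Write-Host "Server object DN: $($server.DistinguishedName)"
Write-Host ('ntdsutil "metadata cleanup" "connections" "connect to server {0}" quit "remove selected server {1}" quit quit' -f $namingMaster, $server.DistinguishedName)
```

The FSMO check matters because ntdsutil will remove a DC that still owns a role; the role then has to be seized afterwards anyway, and the child domain cannot function in between. Doing the seize first (ntdsutil roles, or Move-ADDirectoryServerOperationMasterRole -Force) keeps the outage out of the cleanup.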

How to remove a Domain manually

    1. Type ntdsutil

    2. Type metadata cleanup

    3. Type connections

    4. Type connect to server "servername". This is the name of the domain controller that holds the Domain Naming Master FSMO Role.

    5. Type quit. The Metadata Cleanup menu is then displayed.

    6. Type select operation target.

    7. Type list domains. A list of the domains in the forest is then displayed, each with an associated number.

    8. Type select domain "number". Important - Select the number of the domain to be removed, and double-check it: the removal in step 10 cannot be undone.

    9. Type quit. The Metadata Cleanup menu is then displayed.

    10. Type remove selected domain. A confirmation dialog appears; click Yes, and you will receive confirmation that the removal was successful.

    11. Type quit

After ntdsutil has finished, clean up what it leaves behind:

    1. Open Active Directory Sites and Services and manually delete the server objects of the removed domain controllers from their sites. ntdsutil removes the NTDS Settings object, but the server object itself can remain and has to be deleted here.

    2. Open Active Directory Domains and Trusts and remove any trust relationships, if applicable, to the domain that you deleted.

    3. Remove all entries in DNS related to the domain that you removed, including its SRV records. For a child domain this means the delegation (the NS records for the child) in the parent zone, and the CNAME and SRV records of its DCs in the forest-wide _msdcs zone.

Check for any other remnants of the DCs and domain that you removed in DNS, Active Directory Sites and Services, etc.
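Those remnants are easy to miss by clicking through three consoles, so the following PowerShell audits all of them in one pass. It is an added example, not code from the original post; it assumes the ActiveDirectory and DnsServer RSAT modules and uses the constructed placeholders child.contoso.com, DC02, DC03, contoso.com and DC01.contoso.com. It only reports; deleting the leftovers stays a reviewed manual step.

```powershell
# Added post-removal audit (example code, not from the original post) for the
# manual cleanup steps above. Needs the ActiveDirectory and DnsServer RSAT
# modules; the DNS queries run against a DNS server that hosts the forest zones.
# All names below are constructed placeholders.
Import-Module ActiveDirectory
Import-Module DnsServer

$removedDomain = 'child.contoso.com'       # domain deleted with 'remove selected domain'
$removedDcs    = @('DC02', 'DC03')         # its DCs, deleted with 'remove selected server'
$forestZone    = 'contoso.com'             # forest root zone that held the delegation
$dnsServer     = 'DC01.contoso.com'        # DNS server hosting the forest zones

$configNc = (Get-ADRootDSE).configurationNamingContext
$findings = New-Object System.Collections.Generic.List[string]

# 1. Sites and Services: server objects that ntdsutil can leave behind.
foreach ($dc in $removedDcs) {
    Get-ADObject -SearchBase "CN=Sites,$configNc" -Filter { objectClass -eq 'server' -and name -eq $dc } |
        ForEach-Object { $findings.Add("Server object still present: $($_.DistinguishedName)") }
}

# 2. Partitions container: the crossRef for the removed domain must be gone,
#    otherwise the domain still shows up in 'list domains'.
Get-ADObject -SearchBase "CN=Partitions,$configNc" -Filter { objectClass -eq 'crossRef' } -Properties dnsRoot |
    Where-Object { $_.dnsRoot -eq $removedDomain } |
    ForEach-Object { $findings.Add("crossRef still present: $($_.DistinguishedName)") }

# 3. Domains and Trusts: a trust object that still names the removed domain.
Get-ADTrust -Filter * |
    Where-Object { $_.Target -eq $removedDomain } |
    ForEach-Object { $findings.Add("Trust still present: $($_.Name) ($($_.Direction))") }

# 4. DNS: the child delegation in the parent zone, plus SRV and CNAME records in
#    the forest zone and its _msdcs zone that still point at the removed DCs.
$childLabel = $removedDomain.Substring(0, $removedDomain.Length - $forestZone.Length - 1)
Get-DnsServerResourceRecord -ComputerName $dnsServer -ZoneName $forestZone -Name $childLabel -RRType Ns -ErrorAction SilentlyContinue |
    ForEach-Object { $findings.Add("Delegation still present: $($_.HostName).$forestZone NS $($_.RecordData.NameServer)") }

$targets = $removedDcs | ForEach-Object { "$_.$removedDomain." }   # DNS record data carries a trailing dot
foreach ($zone in @($forestZone, "_msdcs.$forestZone")) {
    Get-DnsServerResourceRecord -ComputerName $dnsServer -ZoneName $zone -RRType Srv -ErrorAction SilentlyContinue |
        Where-Object { $targets -contains $_.RecordData.DomainName } |
        ForEach-Object { $findings.Add("SRV still points at removed DC: $($_.HostName).$zone -> $($_.RecordData.DomainName)") }
    Get-DnsServerResourceRecord -ComputerName $dnsServer -ZoneName $zone -RRType CName -ErrorAction SilentlyContinue |
        Where-Object { $targets -contains $_.RecordData.HostNameAlias } |
        ForEach-Object { $findings.Add("CNAME still points at removed DC: $($_.HostName).$zone -> $($_.RecordData.HostNameAlias)") }
}

if ($findings.Count -eq 0) {
    Write-Host "No remnants of $removedDomain found."
} else {
    $findings | ForEach-Object { Write-Warning $_ }
}
```

Once each finding has been reviewed, the leftovers are removed with Remove-ADObject (server objects, a stale crossRef or trustedDomain object) and Remove-DnsServerResourceRecord; keeping those out of the script is deliberate, since a typo in $removedDcs on the audit side costs nothing, but on the delete side it would purge a live DC's records.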
