
Removing a child domain that no longer exists

Rarely, a situation may arise where a child domain has been created in Active Directory and the DC in that domain is no longer available. You then cannot contact the domain to remove either its objects or the domain itself.

  1. Remove all the DNS entries for the missing DCs and the child domain. Make sure you get the GUID entries too.
  2. Fire up ntdsutil and connect to the operations master:

ntdsutil: metadata cleanup
metadata cleanup:
metadata cleanup: connections
server connections:
server connections: connect to server yourdomain.local
Binding to london ...
Connected to london using credentials of locally logged on user
server connections:
server connections: quit
metadata cleanup:
metadata cleanup: select operation target
select operation target:
select operation target: list domains
Found 2 domain(s)
0 - DC=yourdomain,DC=local
1 - DC=child,DC=yourdomain,DC=local
select operation target:
select operation target: select domain 1
No current site
Domain - DC=child,DC=yourdomain,DC=local
No current server
No current Naming Context
select operation target:
select operation target: quit
metadata cleanup:
metadata cleanup: remove selected domain

You may find that you cannot delete the child domain because servers still exist in it. In that case, select the leftover server first:

ntdsutil: metadata cleanup
metadata cleanup:
metadata cleanup: connections
server connections:
server connections: connect to server yourserver.yourdomain.local
Binding to london ...
Connected to yourserver using credentials of locally logged on user
server connections:
server connections: quit
metadata cleanup:
metadata cleanup: select operation target
select operation target:
select operation target: list sites
Found 1 site(s)
0 - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=yourdomain,DC=local
select operation target:
select operation target: select site 0
Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=yourdomain,DC=local
No current domain
No current server
No current Naming Context
select operation target:
select operation target: list servers in site
Found 1 server(s)
0 - CN=rogueserver,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=yourdomain,DC=local
select operation target: select server 0

You should then be able to back out (quit) and remove the server (remove selected server). If you get a warning that no domain is selected, list the domains (list domains) and select the domain (select domain x).
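To confirm what is left before and after the cleanup above, the following read-only check lists references to the child domain in the Configuration partition and in DNS. It is an added example, not part of the original post; it assumes the RSAT ActiveDirectory and DnsServer modules are installed, and the three names at the top are placeholders taken from the sample session.

```powershell
# Added example: read-only check for leftover references to a removed child domain.
# The three names below are placeholders taken from the page's sample session.
Import-Module ActiveDirectory, DnsServer

$ChildDns  = 'child.yourdomain.local'        # orphaned child domain
$ForestDns = 'yourdomain.local'              # forest root domain
$DnsServer = 'yourserver.yourdomain.local'   # assumed to host the forest DNS zones

$configNC = (Get-ADRootDSE -Server $ForestDns).configurationNamingContext
$childDN  = 'DC=' + (($ChildDns -split '\.') -join ',DC=')

# 1. crossRef object in CN=Partitions that still names the child domain
$crossRef = Get-ADObject -Server $ForestDns -SearchBase "CN=Partitions,$configNC" `
    -LDAPFilter "(&(objectClass=crossRef)(nCName=$childDN))" -Properties nCName, dnsRoot

# 2. server objects left under CN=Sites for the dead DCs
#    (assumes their host names were under the child domain's DNS suffix)
$servers = Get-ADObject -Server $ForestDns -SearchBase "CN=Sites,$configNC" `
    -LDAPFilter "(&(objectClass=server)(dNSHostName=*.$ChildDns))" -Properties dNSHostName

# 3. GUID CNAMEs and SRV records in the forest _msdcs zone that still point at
#    hosts in the child domain (assumes _msdcs.<forest> exists as its own zone)
$dnsRecords = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName "_msdcs.$ForestDns" |
    Where-Object {
        $_.RecordData.HostNameAlias -like "*.$ChildDns." -or
        $_.RecordData.DomainName    -like "*.$ChildDns."
    }

# 4. a DNS zone for the child domain itself (or anything beneath it)
$zones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.ZoneName -eq $ChildDns -or $_.ZoneName -like "*.$ChildDns" }

# Summary first, then the individual leftovers
[pscustomobject]@{
    CrossRefs  = @($crossRef).Count
    Servers    = @($servers).Count
    DnsRecords = @($dnsRecords).Count
    DnsZones   = @($zones).Count
} | Format-List

$crossRef   | Format-Table DistinguishedName, dnsRoot -AutoSize
$servers    | Format-Table DistinguishedName, dNSHostName -AutoSize
$dnsRecords | Format-Table HostName, RecordType,
    @{ n = 'Target'; e = { $_.RecordData.HostNameAlias + $_.RecordData.DomainName } } -AutoSize
$zones      | Format-Table ZoneName, ZoneType -AutoSize
```

All four counts should be zero once the DNS entries, the server and the domain have been removed and replication has completed.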

 
