Schema
Before the failure there was one Exchange Server 2013 machine that was also a DC (Server1), and a second server acting as the backup DC (Server2). Server1 held all FSMO roles. Server2 was only a DC + GC + SharePoint server.
Problem
An SSD as the system drive on a combined Exchange server + DC is not a good idea, but one of my friends wanted to have it. It worked for 6 months and then crashed. Everything was lost except the one last DC in the forest. I started to solve the problem. First of all I needed to install a server with the same name and promote it to a DC. That is not an easy task, because the FSMO roles first have to be seized to a live domain controller, and seizing them is not so easy when the FSMO role holder is a dead server. In the end NTDSUTIL does the job, but the steps are quite involved, so here they are. Thanks to the Petri.co.il article: http://www.petri.co.il/delete_failed_dcs_from_ad.htm
Solution
The goal is to seize the roles from Server1 to Server2 and remove the old server's computer account from AD; in other words, to make Server2 the primary domain controller. We need NTDSUTIL.EXE (already part of Windows Server 2012 when the DC role is installed).
1. Run NTDSUTIL.EXE. The ntdsutil prompt opens.
PS D:\>ntdsutil
ntdsutil:
2. At the ntdsutil: prompt, type “metadata cleanup” and press Enter.
ntdsutil: metadata cleanup
metadata cleanup:
3. At the metadata cleanup: prompt, type “connections” and press Enter.
metadata cleanup: connections
server connections:
4. At the server connections: prompt, type “connect to server Server” and press Enter, where Server is a working domain controller, to clean up the metadata of the failed DC.
server connections: connect to server Server2
Binding to Server2 ...
Connected to Server2 using credentials of locally logged on user.
server connections:
Note: Windows Server 2003 Service Pack 1 eliminates the need for the above step.
5. Type “quit” and press Enter to return to the metadata cleanup: prompt.
server connections: quit
metadata cleanup:
6. Type “select operation target” and press Enter.
metadata cleanup: Select operation target
select operation target:
7. Type “list domains” and press Enter. This lists all domains in the forest with a number associated with each.
select operation target: list domains
Found 1 domain(s)
0 - DC=domain,DC=local
select operation target:
8. Type “select domain number” and press Enter, where number is the number of the domain that contains the failed server.
select operation target: Select domain 0
No current site
Domain - DC=domain,DC=local
No current server
No current Naming Context
select operation target:
9. Type “list sites” and press Enter.
select operation target: List sites
Found 1 site(s)
0 - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
select operation target:
10. Type “select site number” and press Enter, where number is the number of the site the failed DC was a member of.
select operation target: Select site 0
Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
Domain - DC=domain,DC=local
No current server
No current Naming Context
select operation target:
11. Type “list servers in site” and press Enter. This lists all servers in the previously selected site.
select operation target: List servers in site
Found 2 server(s)
0 - CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
1 - CN=Server2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
select operation target:
12. Type “select server number” and press Enter, where number refers to the DC to be removed.
select operation target: Select server 0
Site - CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
Domain - DC=domain,DC=local
Server - CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
DSA object - CN=NTDS Settings,CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
DNS host name - Server1.dpetri.net
Computer object - CN=Server1,OU=Domain Controllers,DC=domain,DC=local
No current Naming Context
select operation target:
13. Type “quit” and press Enter. The metadata cleanup menu is displayed.
select operation target: quit
metadata cleanup:
14. Type “remove selected server” and press Enter.
A warning message appears. Read it, and if you agree, select Yes.
metadata cleanup: Remove selected server
"CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local" removed from server "Server2"
metadata cleanup:
AD confirms that the DC is removed. The first part is over. The roles should now be seized to Server2:
15. Type “netdom query fsmo”, press Enter and check the results:
PS D:\> netdom query fsmo
Schema master Server2.domain.local
Domain naming master Server2.domain.local
PDC Server2.domain.local
RID pool manager Server2.domain.local
Infrastructure master Server2.domain.local
The command completed successfully.
PS D:\>
16. Delete computer account for Server2 from AD
To perform this step you must give yourself Full Control permission on this computer object.
17. Check DNS and remove the DNS records for this computer account.
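A read-only way to confirm the outcome of steps 15 to 17, added here as an example and not part of the original article: it checks the FSMO holders, the Sites container, the computer account and DNS for leftovers of the failed DC. It assumes the failed DC is Server1 and the surviving one Server2, as in the Schema section, and that the ActiveDirectory and DnsServer PowerShell modules are installed where it runs.

```powershell
# Added example: read-only checks, run on the surviving DC after the cleanup.
# Assumes the ActiveDirectory and DnsServer modules are installed.
Import-Module ActiveDirectory, DnsServer

$FailedDc = 'Server1'   # removed DC (name taken from this page)
$LiveDc   = 'Server2'   # surviving DC that answers every query

$domain   = Get-ADDomain -Server $LiveDc
$forest   = Get-ADForest -Server $LiveDc
$configNC = (Get-ADRootDSE -Server $LiveDc).configurationNamingContext

# 1. Every FSMO role should resolve to the surviving DC (step 15).
$roles = [ordered]@{
    'Schema master'         = $forest.SchemaMaster
    'Domain naming master'  = $forest.DomainNamingMaster
    'PDC'                   = $domain.PDCEmulator
    'RID pool manager'      = $domain.RIDMaster
    'Infrastructure master' = $domain.InfrastructureMaster
}
foreach ($r in $roles.GetEnumerator()) {
    [pscustomobject]@{ Check = "FSMO $($r.Key)"; Found = $r.Value
                       OK = $r.Value -like "${LiveDc}.*" }
}

# 2. No server object for the failed DC should remain under CN=Sites.
$srv = @(Get-ADObject -Server $LiveDc -SearchBase "CN=Sites,$configNC" `
         -LDAPFilter "(&(objectClass=server)(cn=$FailedDc))")
[pscustomobject]@{ Check = 'Sites server object'
                   Found = $srv.DistinguishedName -join '; '; OK = $srv.Count -eq 0 }

# 3. The failed DC's computer account should be gone (step 16).
$comp = @(Get-ADComputer -Server $LiveDc -Filter "Name -eq '$FailedDc'")
[pscustomobject]@{ Check = 'Computer account'
                   Found = $comp.DistinguishedName -join '; '; OK = $comp.Count -eq 0 }

# 4. No DNS record should be owned by or point at the failed DC (step 17).
$zones = Get-DnsServerZone -ComputerName $LiveDc | Where-Object {
    $_.ZoneType -eq 'Primary' -and -not $_.IsReverseLookupZone -and
    $_.ZoneName -ne 'TrustAnchors' }
$stale = foreach ($z in $zones) {
    Get-DnsServerResourceRecord -ComputerName $LiveDc -ZoneName $z.ZoneName |
        Where-Object {
            $d = $_.RecordData   # SRV, NS and CNAME targets end in the DC's FQDN
            $_.HostName -eq $FailedDc -or
            (@($d.DomainName, $d.NameServer, $d.HostNameAlias) -like "${FailedDc}.*")
        } | ForEach-Object { "$($z.ZoneName): $($_.HostName) [$($_.RecordType)]" }
}
[pscustomobject]@{ Check = 'DNS records'; Found = @($stale) -join '; '
                   OK = @($stale).Count -eq 0 }
```

Any row with OK = False names what is still left to clean up; the script itself changes nothing.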