Step-By-Step: Manually Removing A Domain Controller Server

Skip to content

• Step 1: Removing metadata via Active Directory Users and Computers
• Step 2: Removing the DC server instance from the Active Directory Sites and Services
• Step 3: Remove metadata via ntdsutil

Use of DCPROMO is still the proper way to remove a DC server in an Active Directory infrastructure. Certain situations, such as server crash or failure of the DCPROMO option, require manual removal of the DC from the system by cleaning up the server’s metadata. The following detailed steps will help you accomplish this:

Step 1: Removing metadata via Active Directory Users and Computers

1. Log in to DC server as Domain/Enterprise administrator and navigate to Server Manager > Tools > Active Directory Users and Computers
2. Expand the Domain > Domain Controllers
3. Right click on the Domain Controller you need to manually remove and click Delete
4. Click Yes to confirm within the Active Directory Domain Services dialog box
5. In next dialog box, select This Domain Controller is permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO) and click Delete
6. If the domain controller is global catalog server, in next window click Yes to continue with deletion
7. If the domain controller holds any FSMO roles in next window, click Ok to move them to the domain controller which is available

Step 2: Removing the DC server instance from the Active Directory Sites and Services

1. Go to Server manager > Tools > Active Directory Sites and Services
2. Expand the Sites and go to the server which need to remove
3. Right click on the server you which to remove and click Delete
4. Click Yes to confirm

Step 3: Remove metadata via ntdsutil

1. Right Click on Start > Command Prompt (admin)
2. Type ntdsutil and enter
3. You are then presented with the metadata cleanup prompt
4. Next type remove selected server <servername>NOTE: Replace <servername> with domain Controller server you wish to remove
5. Click Yes to proceed when presented with the warning window
6. Execute the quit command twice to exit out of the console

NOTE: This post was originally posted on CANITPRO.NET and was co-authored by Microsoft MVP Dishan Francis

The following document provides examples of other ways to monitor on-premises and in cloud servers: Analyze and visualize monitoring data

This article was originally published by Microsoft's ITOps Talk Blog. You can find the original article here.Tags: Active Directory, Authentication, How To, Step-by-Step, Video

Related Posts

• Disaster Recovery in the next version of Azure Stack HCI
• Deep dive: How Azure AD Kerberos works
• Windows 10 or Windows 11 GPO ADMX – Which one to use for your central store?
• What’s new in Microsoft Entra – September 2024
• VoiceRAG: An App Pattern for RAG + Voice Using Azure AI Search and the GPT-4o Realtime API for Audio

← Previous Microsoft ArticleNext Microsoft Article → Search for:

Related Posts

• Disaster Recovery in the next version of Azure Stack HCI
• Deep dive: How Azure AD Kerberos works
• Windows 10 or Windows 11 GPO ADMX – Which one to use for your central store?
• What’s new in Microsoft Entra – September 2024
• VoiceRAG: An App Pattern for RAG + Voice Using Azure AI Search and the GPT-4o Realtime API for Audio

Latest Articles

• Azure Recognized as an NVIDIA Cloud Exemplar, Setting the Bar for AI Performance in the Cloud
• PowerShell, OpenSSH, and DSC team investments for 2026
• Four priorities for AI-powered identity and network access security in 2026
• Deploy Azure OpenAI with Terraform and use it in Microsoft AI Shell
• Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Topics

• Administration (478)
• Artificial Intelligence (230)
• Azure (315)
• Clustering (73)
• Entra ID (AD) (86)
• Networking (49)
• PowerShell (96)
• Security (408)
• SQL Server (150)
• Storage (73)

Popular Posts

• Design For Azure Cloud
• Learn