Different results showing when one queries for the list of domain controllers. These commands do not return the ghost DCs(Recently demoted DC): nltest /dclist:DomainFQDNHere Get-ADDomainController -Filter * | select name,operatingsystem,HostName,site,IsGlobalCatalog,IsReadOnly,IPv4Address netdom query dc The commands below do return the ghost DCs(Recently demoted DC): nltest /dnsgetdc:DomainFQDNHere

Hello @RawatP , Thank you for your update. According to our experience, we encountered such a situation (can not delete SRV records or delete SRV records, then will appear again) on the domain controller of 2012 R2. 1.What is the version of the operating system of your DC that we perform the deletion operation? Is it a 2012 R2 DC? 2.How many DCs in your domain? 3.What are the version of the operating system of all DCs in your domain? If you have multiple DCs with different OS versions in this domain (such as 2012, 2012 R2 and 2016 or 2019), we can try to delete these SRV records for this demoted server on other DCs except 2012 R2 DC, if we can delete these SRV records for this demoted server on other DCs and AD replication works fine, the deletion changes will be updated on all DCs in the domain. Hope the information above is helpful. If anything is unclear, please feel free to let us know. Best Regards, Daisy Zhou

@Anonymous yes, removed DC used to be one DC ( also one DNS server), however now we removed the AD DS and demoted it as a member server, then we use this member server with the same host name and IP address as your terminal licensing server. I just have tried to remove all SRV records manually, but it automatically came back . No CNAME record found for the server

Hello @RawatP , Thank you for your update. If you delete these records and refresh the DNS manager interface, they will appear immediately? Or is it that these records were re-registered after 5-30 minutes? If these records were re-registered after several minutes, it seems that the demoted DC is not uninstalled cleanly. 1.Can you find the demoted server object from the sites in Active Directory Sites and Services , expand the appropriate site and delete the server object associated with the failed domain controller. 2.Can you find the demoted server object from the Domain Controllers container in Active Directory Users and Computers , expand the domain controllers container and delete the computer object associated with the failed domain controller. 3.Can you see the demoted server object after running the following commands? repadmin /replsum repadmin /showrepl /csv >showrepl.csv Best Regards, Daisy Zhou

nltest /dclist and nltest /dnsgetdc showing different results

RawatP 61

Different results showing when one queries for the list of domain controllers.

These commands do not return the ghost DCs(Recently demoted DC):

nltest /dclist:DomainFQDNHere
Get-ADDomainController -Filter * | select name,operatingsystem,HostName,site,IsGlobalCatalog,IsReadOnly,IPv4Address
netdom query dc

The commands below do return the ghost DCs(Recently demoted DC):

nltest /dnsgetdc:DomainFQDNHere

Accepted answer

Anonymous

2020-10-30T02:29:18.147+00:00

Hello @RawatP ,

Thank you for your update.

According to our experience, we encountered such a situation (can not delete SRV records or delete SRV records, then will appear again) on the domain controller of 2012 R2.

1.What is the version of the operating system of your DC that we perform the deletion operation? Is it a 2012 R2 DC?
2.How many DCs in your domain?
3.What are the version of the operating system of all DCs in your domain?

If you have multiple DCs with different OS versions in this domain (such as 2012, 2012 R2 and 2016 or 2019), we can try to delete these SRV records for this demoted server on other DCs except 2012 R2 DC, if we can delete these SRV records for this demoted server on other DCs and AD replication works fine, the deletion changes will be updated on all DCs in the domain.

Hope the information above is helpful. If anything is unclear, please feel free to let us know.

Best Regards,
Daisy Zhou
Please sign in to rate this answer.
RawatP 61 Reputation points

2020-10-30T19:14:26.767+00:00

@Anonymous

Yes, after removing SRV from other than 2012 R2 all SRV records didn't came back.
Looks like it worked out for me.

Thankyou very much.

Anonymous

2020-11-02T01:04:21.237+00:00

Hello @RawatP ,

Thank you for your update and marking my reply as answer. I’m very glad that the information is helpful and the problem has been solved.
As always, if there is any question in future, we warmly welcome you to post in this forum again. We are happy to assist you!
Have a nice day!

Best Regards,
Daisy Zhou
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

6 additional answers

RawatP 61 Reputation points

2020-10-29T02:56:19.16+00:00

@Anonymous
yes, removed DC used to be one DC ( also one DNS server), however now we removed the AD DS and demoted it as a member server, then we use this member server with the same host name and IP address as your terminal licensing server.

I just have tried to remove all SRV records manually, but it automatically came back .
No CNAME record found for the server
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.
Anonymous

2020-10-29T06:26:42.627+00:00

Hello @RawatP ,

Thank you for your update.

If you delete these records and refresh the DNS manager interface, they will appear immediately?

Or is it that these records were re-registered after 5-30 minutes?

If these records were re-registered after several minutes, it seems that the demoted DC is not uninstalled cleanly.

1.Can you find the demoted server object from the sites in Active Directory Sites and Services, expand the appropriate site and delete the server object associated with the failed domain controller.

2.Can you find the demoted server object from the Domain Controllers container in Active Directory Users and Computers, expand the domain controllers container and delete the computer object associated with the failed domain controller.

3.Can you see the demoted server object after running the following commands?

repadmin /replsum

repadmin /showrepl /csv >showrepl.csv

Best Regards,
Daisy Zhou
Please sign in to rate this answer.
RawatP 61 Reputation points

2020-10-29T13:17:22.567+00:00

yes, it appeared immediately,
No object is found under Active Directory Sites and Services for this server
Also Computer object is already moved from Domain Controllers container to computer OU in Active Directory Users and Computers automatically during demotion of server.
However I have found few more entries for this server under _msdcs.root domain ->DC,domain and GC->sites

Demoted server only showing with nltest /dnsgetdc

From repadmin /replsum

repadmin /showrepl /csv >showrepl.csv

Only curreny running servers are showing
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

nltest /dclist and nltest /dnsgetdc showing different results

6 additional answers

Your answer