7,023 questions
This one may help to that end.
https://devblogs.microsoft.com/scripting/clean-up-domain-controller-dns-records-with-powershell/
--please don't forget to Accept as answer if the reply is helpful--
Metadata Cleanup of a Domain controller - SERVER 2012R2
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 91%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Nabeel
26
Reputation points
Hi,
For Server 2012R2: After a DC is dead, we have to use the following to cleanup metadata:
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
As far I understand, this will not remove the DNS records of this dead domain controller. We have to remove the DNS records manually.
Do we also have to delete DNS records in root domain (example.com) of DNS? Or do we only delete the DNS records from _msdcs.root domain ( _msdcs.example.com)? As far as I understand, there are always two zones for domain example.com:
example.com and _msdcs.example.com
Windows for business Windows Client for IT Pros Directory services Active Directory
Windows for business Windows Client for IT Pros Networking Network connectivity and file sharing
Windows for business Windows Server User experience Other
20,212 questions
3 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2021-01-01T13:35:51.89+00:00 -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Thameur-BOURBITA 36,261 Reputation points Moderator2021-01-03T18:17:26.417+00:00 Hi,
As far I understand, this will not remove the DNS records of this dead domain controller. We have to remove the DNS records manually.
Some DNS records can't be deleted automatically, you have to check and cleanup DNS records manually (NS,SRV,A,AAAA).
Do we also have to delete DNS records in root domain (example.com) of DNS? Or do we only delete the DNS records from _msdcs.root domain ( _msdcs.example.com)? As far as I understand, there are always two zones for domain example.com:
example.com and _msdcs.example.comYes you should delete all DNS records of deleted domain controller in the different domains example.com and _msdcs.example.com.
Please don't forget to mark helpful reply as answer
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 28.999999999999996%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVW%3C/text%3E%3C/svg%3E)
Vicky Wang 2,736 Reputation points2021-01-06T08:15:26.377+00:00 Hi,
Just checking in to see if the information provided was helpful.
Please let us know if you would like further assistance.
Best Regards,
Vicky