Demote DC - how to clean up records left in DNS and DFS

SenhorDolas 1,326 Reputation points
2021-09-06T19:22:38.643+00:00

Hey,

I have successfully demoted a DC. Repadmin and replication tool show no signs of this server in DC replication. AD shows the object as Computer and not as DC.

  1. In DNS, most of the forward lookup zones don't show the DC in the Name Servers tab however this server is still showing in these locations:
  2. In DFS, the Site (Paris) is still showing as referral.

Can I simply delete the record from those DNS zones and DFS outright using the consoles, or is it something more complicated?
Thanks, M

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Client for IT Pros | Networking | Network connectivity and file sharing

Answer accepted by question author
  1. Anonymous
    2021-09-06T19:28:13.093+00:00
    2 people found this answer helpful.

1 additional answer

  1. Limitless Technology 40,081 Reputation points
    2021-09-07T10:20:52.007+00:00

    Hello @SenhorDolas ,

    This is a common scenario, unfortunately.

    I would suggest running the following command to detect other orphaned entries:

    ldifde -f ldifde.txt -s PROD-DC1 -d "dc=corpdom,dc=local" -r "(name=demotedDChostname)" -p subtree

    After that, it is safe to manually delete the records as long as all the FSMOs have been transferred to other DCs.

    Hope this resolves your query,
    Best regards,

    1 person found this answer helpful.
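
A read-only way to check the two conditions the answer above names (FSMO roles moved, leftover records identified) before deleting anything, as an added example that is not part of the original thread. It assumes the RSAT ActiveDirectory and DnsServer modules are installed; `PROD-DC1` and `demotedDChostname` are the placeholder names from the ldifde command, and DFS namespace targets are not covered.

```powershell
# Added example: read-only audit, deletes nothing.
# Assumes the ActiveDirectory and DnsServer modules (RSAT) are available.
$Demoted   = 'demotedDChostname'   # short host name of the demoted DC (placeholder)
$DnsServer = 'PROD-DC1'            # a surviving DC that runs DNS (placeholder)

# 1. Confirm no FSMO role is still assigned to the demoted server.
$domain = Get-ADDomain -Server $DnsServer
$forest = Get-ADForest -Server $DnsServer
$fsmo = [ordered]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
}
$stuck = $fsmo.GetEnumerator() | Where-Object { $_.Value -like "$Demoted.*" }
if ($stuck) {
    Write-Warning "FSMO roles still held by ${Demoted}: $($stuck.Key -join ', ')"
}

# 2. List DNS records that are owned by, or point at, the demoted DC.
$zones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { -not $_.IsAutoCreated -and $_.ZoneType -eq 'Primary' }

$leftovers = foreach ($zone in $zones) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone.ZoneName |
        ForEach-Object {
            $rec = $_
            # The field holding the target host differs per record type.
            $target = switch ($rec.RecordType) {
                'NS'    { $rec.RecordData.NameServer }
                'SRV'   { $rec.RecordData.DomainName }
                'CNAME' { $rec.RecordData.HostNameAlias }
                'PTR'   { $rec.RecordData.PtrDomainName }
                default { $null }
            }
            if ($rec.HostName -eq $Demoted -or $target -like "$Demoted.*") {
                [pscustomobject]@{
                    Zone   = $zone.ZoneName
                    Name   = $rec.HostName
                    Type   = $rec.RecordType
                    Target = $target
                }
            }
        }
}
$leftovers | Sort-Object Zone, Type | Format-Table -AutoSize
```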