Without logon it will be difficult to do anything with this one. If it were me, I'd switch it off, do metadata cleanup.
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564
then confirm health is 100% and stand up a new one for replacement. I'd use dcdiag / repadmin tools to verify health correcting all errors found
before starting any
operations. Then stand up the new 2012, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health is good.
--please don't forget to upvote
and Accept as answer
if the reply is helpful--