Created: 8/30/20

Updated: 1/3/21

A few things to touch base on first. After a domain controller has been orphaned from your domain, whether from a failed motherboard, a dead RAID set, or because it was tombstoned (the usual term for a DC that has not replicated with any other DC for longer than the forest's tombstone lifetime, 60 or 180 days by default, after which the other DCs refuse to replicate with it), the following tasks should already be done:

  1. Seize the FSMO roles the dead DC held
  2. Delete the DC's computer object in ADUC (Domain Controllers OU)
  3. Delete the DC's server object in Sites & Services
  4. Delete the DC's A, CNAME and SRV records from DNS (check the _msdcs zone too)

If you have done all of this, you still need to delete the lingering artifacts (the dead DC's NTDS Settings object and the replication metadata that references it), and that is done through ntdsutil's metadata cleanup. Note that on Windows Server 2008 and later, deleting the computer object in ADUC or the NTDS Settings object in Sites & Services already triggers this cleanup, so ntdsutil may tell you there is nothing left to remove; running it is still the quickest way to confirm. So let's get into it!

  1. Open an elevated command prompt on a working domain controller
  2. Type "ntdsutil"
  3. Type "?" to see the available commands
  4. Type "metadata cleanup"
  5. Type "?"
  6. Type "connections"
  7. Type "?"
  8. Type "connect to server [working domain controller hostname]"
  9. Type "quit" (this returns you to the metadata cleanup prompt)
  10. Type "select operation target"
  11. Type "?"
  12. Note: you will select the domain, then the site, then the server, in that order
  13. Type "list domains"; select the domain the orphaned/tombstoned domain controller belongs to. The number in front of each entry is just an index, so if the domain is listed as "0 - vpool.local", select 0:
  14. Type "select domain 0"
  15. Type "list sites"; select the site the defunct domain controller lives in, same as step 13. If it is listed as "0", then:
  16. Type "select site 0"
  17. Type "list servers in site"; again, if the defunct server is listed as "0", then:
  18. Type "select server 0"
  19. Type "quit"
  20. Type "?"
  21. Type "remove selected server"
  22. Once you press Enter on step 21, ntdsutil asks you to confirm, and on confirmation it removes the defunct domain controller's lingering artifacts from your Active Directory domain. If it reports that the server object no longer exists, the earlier GUI deletions already did the cleanup. Type "quit" until you are back at the command prompt.
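The whole procedure above (seize the roles, run the metadata cleanup, scrub DNS, and then check that nothing still references the dead DC) as one PowerShell script. This is an added example, not something from the original post. It assumes the RSAT ActiveDirectory and DnsServer modules are installed, that you run it as a Domain Admin, and that the three names at the top (DC1, DC2, vpool.local) are placeholders you replace with your own. The ntdsutil call uses the "remove selected server <DN> on <DC>" form of the command, which takes the server object's distinguished name directly and so replaces the list/select steps from the walk-through; ntdsutil still prompts once for confirmation.

```powershell
# Added example, not from the original post. Assumes RSAT ActiveDirectory and
# DnsServer modules, Domain Admin rights, and that the three names below are
# placeholders you replace with your own.
Import-Module ActiveDirectory
Import-Module DnsServer

$DeadDC = 'DC1'          # the orphaned/tombstoned DC (placeholder)
$LiveDC = 'DC2'          # a healthy DC to work against (placeholder)
$Domain = 'vpool.local'  # domain name as it appears in the post's ntdsutil output

$DomainDN = (Get-ADDomain -Server $LiveDC).DistinguishedName
$ConfigDN = (Get-ADRootDSE -Server $LiveDC).configurationNamingContext

# 1. Seize whichever FSMO roles the dead DC still holds. -Force seizes rather than
#    transfers, which is the only option when the old holder is gone for good.
$d = Get-ADDomain -Server $LiveDC
$f = Get-ADForest -Server $LiveDC
$roles = @()
if ($d.PDCEmulator          -like "$DeadDC.*") { $roles += 'PDCEmulator' }
if ($d.RIDMaster            -like "$DeadDC.*") { $roles += 'RIDMaster' }
if ($d.InfrastructureMaster -like "$DeadDC.*") { $roles += 'InfrastructureMaster' }
if ($f.SchemaMaster         -like "$DeadDC.*") { $roles += 'SchemaMaster' }
if ($f.DomainNamingMaster   -like "$DeadDC.*") { $roles += 'DomainNamingMaster' }
if ($roles.Count -gt 0) {
    Move-ADDirectoryServerOperationMasterRole -Identity $LiveDC `
        -OperationMasterRole $roles -Force -Confirm:$false
}

# 2. Metadata cleanup: the post's interactive ntdsutil session as one command line.
#    "remove selected server <DN> on <DC>" takes the server object's DN directly,
#    so no list/select steps are needed. ntdsutil asks once for confirmation.
$server = Get-ADObject -Server $LiveDC -SearchBase "CN=Sites,$ConfigDN" `
    -Filter "objectClass -eq 'server' -and name -eq '$DeadDC'"
if ($server) {
    & ntdsutil.exe 'metadata cleanup' `
        "remove selected server $($server.DistinguishedName) on $LiveDC" quit quit
} else {
    Write-Host "No server object for $DeadDC under CN=Sites; metadata cleanup already done."
}

# 3. DNS: drop the A record plus every SRV, CNAME and NS record that still points
#    at the dead DC, in the domain zone and in _msdcs (the GUID CNAME lives there).
$fqdn = "$DeadDC.$Domain"
foreach ($zone in @($Domain, "_msdcs.$Domain")) {
    if (-not (Get-DnsServerZone -ComputerName $LiveDC -Name $zone -ErrorAction SilentlyContinue)) { continue }
    Get-DnsServerResourceRecord -ComputerName $LiveDC -ZoneName $zone |
        Where-Object {
            ($_.RecordType -eq 'A'     -and $_.HostName -eq $DeadDC) -or
            ($_.RecordType -eq 'SRV'   -and $_.RecordData.DomainName    -like "$fqdn*") -or
            ($_.RecordType -eq 'CNAME' -and $_.RecordData.HostNameAlias -like "$fqdn*") -or
            ($_.RecordType -eq 'NS'    -and $_.RecordData.NameServer    -like "$fqdn*")
        } |
        Remove-DnsServerResourceRecord -ComputerName $LiveDC -ZoneName $zone -Force
}

# 4. Verification: every directory object that still refers to the dead DC.
#    Empty output means the cleanup is complete. The FRS and DFSR member objects
#    are the ones the GUI steps tend to leave behind.
function Get-LingeringDcReferences {
    param([string]$Name, [string]$Server, [string]$DomainDN, [string]$ConfigDN)
    $found = @()
    # server + NTDS Settings object under Sites (what ntdsutil removes)
    $found += Get-ADObject -Server $Server -SearchBase "CN=Sites,$ConfigDN" `
        -Filter "objectClass -eq 'server' -and name -eq '$Name'"
    # computer account in the Domain Controllers OU
    $found += Get-ADComputer -Server $Server -Filter "name -eq '$Name'" `
        -SearchBase "OU=Domain Controllers,$DomainDN"
    # FRS member object (pre-DFSR SYSVOL replication)
    $found += Get-ADObject -Server $Server -ErrorAction SilentlyContinue `
        -SearchBase "CN=File Replication Service,CN=System,$DomainDN" -Filter "name -eq '$Name'"
    # DFSR member object for the dead DC in the SYSVOL replication group
    $found += Get-ADObject -Server $Server -ErrorAction SilentlyContinue `
        -SearchBase "CN=DFSR-GlobalSettings,CN=System,$DomainDN" `
        -Filter "objectClass -eq 'msDFSR-Member' -and name -eq '$Name'"
    return $found
}

Get-LingeringDcReferences -Name $DeadDC -Server $LiveDC -DomainDN $DomainDN -ConfigDN $ConfigDN |
    Format-Table Name, ObjectClass, DistinguishedName -AutoSize
```

Run it from a working DC and read the last table: anything it lists is a leftover reference that still needs removing by hand (Remove-ADObject on the listed DN). Once it prints nothing, also confirm with "repadmin /replsummary" that no DC is still trying to replicate with the dead one.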