How to remove orphaned Domain Controller's DNS records?
It looks like in the past there were two improperly decommissioned Domain Controllers (DC1 and DC2) that belonged to this domain. I am concluding this based on some remaining records in the domain's _msdcs.contoso.com DNS zone, mostly NS records and A records under the gc subdomain.
There are no Active Directory objects for the old domain controllers that I can see, either in OU=Domain Controllers,DC=contoso,DC=com in Active Directory Users and Computers or NTDS settings in Active Directory Sites and Services that I can delete as suggested in Clean Up Server Metadata.
If I try to use ntdsutil to remove the orphaned domain controller's metadata I get the following error:
metadata cleanup: remove selected server dc1
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
LDAP error 0x22(34 (Invalid DN Syntax).
Ldap extended error message is 0000208F: NameErr: DSID-031001D1, problem 2006 (B
AD_NAME), data 8350, best match of:
'CN=Ntds Settings,dc1'
Win32 error returned is 0x208f(The object name has bad syntax.)
)
Unable to determine the domain hosted by the Active Directory Domain Controller
(5). Please use the connection menu to specify it.
If I try to manually select the server so I can remove it, I find that it is not listed:
select operation target: list servers in site
No active site list
select operation target: list domains
Found 1 domain(s)
0 - DC=contoso,DC=com
select operation target: 0
select operation target: select domain 0
No current site
Domain - DC=contoso,DC=com
No current server
No current Naming Context
select operation target: list sites
Found 2 site(s)
0 - CN=CONTOSO-JNU-HQ,CN=Sites,CN=Configuration,DC=contoso,DC=com
1 - CN=CONTOSO-JNU-DEPO,CN=Sites,CN=Configuration,DC=contoso,DC=com
select operation target: select site 0
Site - CN=CONTOSO-JNU-HQ,CN=Sites,CN=Configuration,DC=contoso,DC=com
Domain - DC=contoso,DC=com
No current server
No current Naming Context
select operation target: list servers in site
Found 2 server(s)
0 - CN=DC3,CN=Servers,CN=CONTOSO-JNU-HQ,CN=Sites,CN=Configuration,DC=contoso,DC=com
1 - CN=DC4,CN=Servers,CN=CONTOSO-JNU-HQ,CN=Sites,CN=Configuration,DC=contoso,DC=com
It is a pretty small domain - I can go through the _msdcs.contoso.com zone and manually identify the old DNS records and delete them.
Is there any reason why I shouldn't do this?
Solution 1:
There is no reason why you shouldn't do it, and I was going to recommend it as the answer. Running the metadata cleanup will do the same thing as cleaning ADUC and Sites & Services, but since you're getting an error it's not worth troubleshooting, in my opinion; I'd rather just get down and dirty and do it manually. You will want to drill down to more than just the _msdcs.domain.com container though. Go through all folders for all zones to make sure there isn't any record hanging around pointing to the old servers. Since you've already checked ADUC and AD Sites and Services then you are good, but double check that one of these old DCs really isn't listed in Sites and Services. Since it's a small network it's probably just my paranoia kicking in, but I like to double check after I remove all DNS entries for old/decommissioned DCs that I didn't accidentally skip one in Sites and Services.
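An added example of the "go through all zones" sweep the answer recommends, written for this page and not taken from the question or answers: it audits every primary zone on a DNS server for A, NS, CNAME, SRV and PTR records that still reference the old DCs, prints them, and only deletes when run with -Remove (and honours -WhatIf). The host names, IPs and server name are assumed placeholders.

```powershell
[CmdletBinding(SupportsShouldProcess)]
param(
    [string[]] $OldDcHosts = @('dc1.contoso.com', 'dc2.contoso.com'),  # assumed names
    [string[]] $OldDcIps   = @('192.0.2.11', '192.0.2.12'),            # constructed placeholders
    [string]   $DnsServer  = 'dc3.contoso.com',                        # a surviving DC
    [switch]   $Remove                                                 # default: report only
)
Import-Module DnsServer

# DNS data often carries a trailing dot and mixed case; normalise before comparing.
$oldHosts = $OldDcHosts | ForEach-Object { $_.TrimEnd('.').ToLowerInvariant() }

# Return the host name or IP a record points at, or $null for record types we don't inspect.
function Get-RecordTarget {
    param($Record)
    $d = $Record.RecordData
    switch ($Record.RecordType) {
        'A'     { return $d.IPv4Address.IPAddressToString }
        'NS'    { return $d.NameServer.TrimEnd('.').ToLowerInvariant() }
        'CNAME' { return $d.HostNameAlias.TrimEnd('.').ToLowerInvariant() }
        'SRV'   { return $d.DomainName.TrimEnd('.').ToLowerInvariant() }
        'PTR'   { return $d.PtrDomainName.TrimEnd('.').ToLowerInvariant() }
        default { return $null }
    }
}

# Walk every primary zone (forward and reverse), not just _msdcs, and collect stale records.
$stale = foreach ($zone in Get-DnsServerZone -ComputerName $DnsServer |
                  Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone.ZoneName |
        ForEach-Object {
            $target = Get-RecordTarget $_
            if ($target -and ($oldHosts -contains $target -or $OldDcIps -contains $target)) {
                [pscustomobject]@{ Zone = $zone.ZoneName; Record = $_; Target = $target }
            }
        }
}

# Always print the findings first so there is an audit trail before anything is deleted.
$stale | ForEach-Object {
    '{0,-30} {1,-6} {2,-45} -> {3}' -f $_.Zone, $_.Record.RecordType, $_.Record.HostName, $_.Target
}

if ($Remove) {
    foreach ($s in $stale) {
        if ($PSCmdlet.ShouldProcess("$($s.Record.HostName) in $($s.Zone)", 'Remove DNS record')) {
            Remove-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $s.Zone `
                -InputObject $s.Record -Force
        }
    }
}
```

Run it once without -Remove to review the list, then with -Remove -WhatIf, and only then with -Remove.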
Solution 2:
It will be fine if you go through DNS Manager and just manually delete the records that correspond to the now defunct DC.
Scavenging should take care of this for you, but if you've turned scavenging off for this zone, feel free to delete the records by hand.