No announcement yet.

Tombstoned Domain Controller

  • Filter
  • Time
  • Show
Clear All
new posts

  • Tombstoned Domain Controller


    First thanks for checking this out!

    I'm trying to sort out my company's AD. We have 13 child domain and most are tombstoned. We are planning to demote all domains so we just have a parent and 1 child domain holding all user & computer accounts.

    So I have 2 questions:

    1: So I am planning to demote the first child domain soon. Can i just use "dcpromo /forceremoval" to remove the domain controller (there is only 1 DC in the domain). Will this then replicate across domain even thou it;'s tombstoned?

    2: Once a Domain Controller has been demoted I'm planning to add it back to the domain as a member server. Is it best practice to rebuild the server before adding it back to the domain?

    Thanks again for your help!!

  • #2
    Re: Tombstoned Domain Controller

    check those out.
    "HOW TO: Remove Orphaned Domains from Active Directory Without Demoting the Domain Controllers"

    "How to remove orphaned domains from Active Directory";EN-US;230306


    • #3
      Re: Tombstoned Domain Controller

      Thanks but that information isn't about a child domain


      • #4
        Re: Tombstoned Domain Controller

        dcpromo /forceremoval will not make DC replicate if it can't replicate normally, so in the case of a domain that it's domain controllers have not replicated more than tombstone lifetime period, the DCs will be demoted, but ill not replicate out the changes to parent domain.
        You will have to cleanup the DCs' metadata and delete the child domain manually using ntdsutil.
        The KBs you've been pointed to are relevant: you should treat those tombstoned domains as orphaned (can't communicate with the parent).
        Guy Teverovsky
        "Smith & Wesson - the original point and click interface"