In this blog post, I will cover the principles of forcibly removing a failed and now orphaned 2008R2 Domain Controller. The Premise to this post is that our Legacy Domain controller was running on obviously running on legacy hardware which unfortunately failed. Thus causing us to now have to clean up the Active Directory Domain of ad.hypervlab.co.uk.
Before we start the cleanup process, below is a graphic showing that currently the failed 2008R2 Server currently owns all the Domain FSMO Roles.
Firstly from your ‘healthy’ domain controller, we will want to open the Active Directory Users and Computers MMC Snap-In. Or from a Run Prompt type: dsa.msc
From ADUC Navigate to the Domain Controllers Organisational Unit.
Right-click on the failed Domain Controller ‘HYPERVLAB-SVR01‘ select ‘Delete‘.
Remember to tick the Delete this Domain Controller anyway.
As the hardware has failed so we cannot recover it.
Click ‘Yes’.
Neat Feature in Windows Server 2019 will auto-complete the FSMO Migration Transfer to the ‘healthy’ Domain Controller.
ntdsutil
metadata cleanup
connections
connect to server hypervlab-svr02
q
select operation target
list domains
select domain 0 
list sites
select site 0
list servers in site 
select server 0
q
remove selected server
Click ‘Yes’.
Click ‘Yes’.
Click ‘Yes’.
Click ‘Yes’.
Click ‘Yes’.
Click ‘Yes’.
Finally, we can quit the ntdsutil tool using
qWe can see that FSMO Roles has been moved to HYPERVLAB-SVR02
