Information: Forum is in read-only mode
For details and other support options see

Remove Domain Controller

Discuss Windows Event Log events. What they mean, what they tell you about your machine's security ... and whatever questions else you have.

Moderator: alorbach

Google Ads

Remove Domain Controller

Postby Bassel » Mon Jan 12, 2004 11:41 am


After failed try to demote the domain controller using dcpromo wizared
I tried to remove this domain by using ntdsutil utility but I receive the following error message can someone help with this.

The error message:

DsRemoveDsDomainW error 0x2162(The requested domain could not be deleted because
there exist domain controllers that still host this domain.)


Postby therget » Wed Jan 21, 2004 3:14 pm

To work around the problem, remove the following references in the Active Directory Database, where Domain Name is the name of the domain:

DC=Domain Name,DC=com,CN=Users > CN=Domain Name$
DC=Domain Name,DC=com,CN=System > CN=Domain (trustedDomain)
CN=Configuration,Domain Name,DC=com,CN=Partitions > CN=Domain Name

Note that these entries can be removed by using Ldp.exe or Adsiedit.
Frequent Poster
Posts: 79
Joined: Thu Dec 18, 2003 12:42 pm

Same Problem

Postby mythol » Wed Mar 16, 2005 4:13 pm

When I go to remove:
CN=*****,CN=Partitions,CN=Configuration,DC=*****,DC=com using adsiedit.exe I am getting "The requested domain could not be deleted because there exist domain controllers that still host this domain". When I use ldp.exe I get "Error: Delete: Unwilling To Perform. <53>".

Some background information:
I just started with this company and decided to clean up the ADS. We currently have 3 domains (VPN/Network, Exchange and Orphan) running on 3 different servers. The VPN/Network and Orphan are on DC 1 and DC 2 and Exchange is on DC 3. The orphan domain was created when our Exchange server crashed and the admin before me decided to install exchange into a Child Domain. Due to the problem that caused the first crash (Exchange logs for the Domain were never archived, so they grow to large and Exchange decided it did not like it, services stopped and would not come up) the Server on the Child Domain would also not start. So the server was wiped and reinstalled on it own (Current) domain. The DC was never demoted so the Domain stuck around. The DC is gone so I can not try to “gracefully” remove the domain. Here is what I have tried with not luck:

Tried using ntdsutil:
C:\Documents and Settings\Administrator>ntdsutil
Ntdsutil: metadata cleanup
metadata cleanup: connections
server connections: connect to server *****
Binding to ***** ...
Connected to ***** using credentials of locally logged on user
server connections: quit
metadata cleanup: select operation target
select operation target: list domains
Found 2 domain(s)
0 - DC=*****,DC=com
1 - DC=*****,DC=*****,DC=com
select operation target: select domain 1
No current site
Domain - DC=*****,DC=*****,DC=com
No current server
No current Naming Context
select operation target: quit
metadata cleanup: remove selected domain
DsRemoveDsDomainW error 0x2162(The requested domain could not be deleted because
there exist domain controllers that still host this domain.)
metadata cleanup: quit
Ntdsutil: quit
Disconnecting from ***** ...
C:\Documents and Settings\Administrator>

Reading forums and Microsoft’s TechNet i found: ... -us;235416

Following it I deleted 2 out of the 3 listed references in the ADD:
DC=Domain Name,DC=com,CN=Users > CN=Domain Name$
DC=Domain Name,DC=com,CN=System > CN=Domain (trustedDomain)

I failed on the 3rd:
CN=Configuration,Domain Name,DC=com,CN=Partitions > CN=Domain Name

I manually searched through every key in the DB looking for any mention of this orphan domain. I could not find anything. I also searched using ldp for (CN=*DOMAIN NAME*), I only found the one reference list above that I can not delete.

I am at a loose on what else can be done. Any help would be greatly appreciated!

Same problem

Postby warkem » Thu Jun 16, 2005 6:05 am

I am having the exact same problem, there must be a fix out there somewhere.

same problem

Postby warkem » Thu Jun 16, 2005 6:13 am

Actually I think I just solved it, well for my problem anyway.





Postby skullshot » Tue Jul 12, 2005 3:43 am

just adding my 2 cents

i did everything mentioned here after our single domain controller for the child domain died, and it still gave me errors when i attempted the metadata cleanup

the problem was that there was information about the child domain/controller still in the global catalog, all i had to do was turn global catalog option off for all the GC's on my domain, then turn it back on and let the GC rebuild, then i was able to do the last step with the metadata cleanup

Postby goldenmonkey » Sat Oct 22, 2005 8:06 pm

Had the same problem on my enterprise - two child domains that got deleted before i could "properly" dcpromo them and remove the trust.

Ran through all the suggestions online i could find but kept getting the same error code:

DsRemoveDsDomainW error 0x2015(The directory service can perform the requested operation only on a leaf object.)

Ran ADSi edit on schema master, looked into Configuration [] then CN=Configuration,DC=xxxxx,DC=com then child CN=Partitions

In there was the CN records of the GUID of the old trust relationship/domain DNS forestDNSZones and domainDNSZones and a direct reference to the child domain name.

Delete the DNSZones records first otherwise you will see the same error message as above (operation on a leaf object), then delete the child domain name references. Reboot your DC holding the domain naming master and schema then once back online froce replication (if not already done) to your forest DC's.

Now your Domains and Trusts snap in is empty!
Posts: 1
Joined: Sat Oct 22, 2005 6:51 pm

Google Ads

Return to Windows Events

Who is online

Users browsing this forum: No registered users and 0 guests