DC Cannot Replicate
- Problem: “Target principal name incorrect” error during AD replication
- Solution (Demote and Promote AD):
  - Demote the DC via “Remove Roles and Features”
  - Manually clean up the metadata:
    - Remove the DC record in AD Users and Computers
    - Remove the DC-related records in AD Sites and Services and in DNS
  - Promote the DC back
- Result:
  - Replication resumes, syncing with other DCs
- For the “RPC server not operating” error, check for DNS issues with dcdiag and try DNS scavenging
PDC Gone, Operation Master Role not Transferred
- Solution: Forceful Takeover
  - Use Move-ADDirectoryServerOperationMasterRole to move the Operation Master role.
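
A seizure sequence built around the cmdlet above, as an added example that is not part of the original notes. It assumes a hypothetical surviving DC named DC02 and uses an ICMP ping as a rough reachability check for the old role holder.

```powershell
# Added example. 'DC02' is a hypothetical healthy DC that will take over the roles.
Import-Module ActiveDirectory

$target = 'DC02'

# Ask the surviving DC (not the dead one) who currently holds each role.
$domain = Get-ADDomain -Server $target
$forest = Get-ADForest -Server $target
$holders = [ordered]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
}
$holders.GetEnumerator() | Format-Table Name, Value -AutoSize

# Seize only roles whose holder is not the target and does not respond.
# ICMP may be filtered in some networks; treat this as a sanity check only.
$toSeize = foreach ($role in $holders.Keys) {
    $holder = $holders[$role]
    if ($holder -like "$target.*") { continue }          # already on the target
    if (Test-Connection -ComputerName $holder -Count 2 -Quiet) {
        Write-Warning "$holder still answers; transfer $role normally instead of seizing."
        continue
    }
    $role
}

if ($toSeize) {
    # -Force allows the role to be seized when the old holder cannot be contacted.
    Move-ADDirectoryServerOperationMasterRole -Identity $target `
        -OperationMasterRole $toSeize -Force -Confirm:$false
}

# Verify the new holders. The old holder should not be brought back online
# as a DC after a seizure; clean up its metadata instead.
Get-ADDomain -Server $target | Select-Object PDCEmulator, RIDMaster, InfrastructureMaster
Get-ADForest -Server $target | Select-Object SchemaMaster, DomainNamingMaster
```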
Removing an Orphaned Domain
- Problem: Trusted domain removed without demoting its DC, resulting in a ghost domain/DC
- Solution:
  - Use ntdsutil metadata cleanup for both the domain controller and the domain
  - Delete the domain controller following the “How to remove a domain controller that no longer exists?” guide
  - Delete the domain following the “remove orphan domain” guide