When cleaning up non-existence domain controller using NTDSUtil, you may get this error:
metadata cleanup: remove selected server Transferring / Seizing FSMO roles off the selected server. DsRemoveDsServerW error 0x5(Access is denied).
There could be many reasons like the account is not really have access to remove servers from domain. But most obvious and common reason is the NTDS Settings is set to protect from accidental deletions.
1. Open Active Directory Sites and Services (on the the same DC where you are running NTDSUtil)
2. Navigate to Sites —> Your Site Name —> Servers —> DC Name —> NTDS Settings
3. Right click on NTDS Settings and select Properties
4. Change to Object tab and un-check the check box “Protect object from accidental deletion”
That’s all. Try removing the server using NTDSUtil. 🙂
2 thoughts on “NTDSUtil – Cannot delete server from a site – DsRemoveDsServerW error 0x5(Access is denied.)”
excellent thank you very much
Great Post ! Useful.