Deleting an orphaned Active Directory Domain Controller fails with error:
Windows cannot delete object LDAP:// ……………………
Access is denied.
First obvious step is to make sure that your user account has permissions to delete objects in the OU in question.
If user permissions are not the problem, check that computer object you are deleting and any objects contained within it are not protected from accidental deletion. Right click on the object, go to Properties > Object and make sure that the checkbox next to “Protect from accidental deletion” is not checked.
If you can’t see Object tab, enable “Advanced Features” in the View menu.
To be able to see sub-objects, also check “Users, Contacts, Groups, and Computers as containers“.
Also click on “NTDS Settings” in General tab of DC object Properties. Make sure that “Protect from accidental deletion” is not checked.
Windows Server 2008 R2
Leave a Reply