When you attempt to delete an orphaned NTDS Settings from Active Directory Sites and Services, you receive:
DSA object cannot be deleted.
NOTE: Each server in the Servers folder should have one NTDS Settings. If two exist, the one with the missing connections object in the right-hand pane is generally the orphaned NTDS Settings.
When you use Dcpromo.exe to demote a domain controller, it should delete the NTDS Settings. If it fails to delete the NTDS Settings, or replication fails to delete it, use the following procedure on each domain controller that has an orphaned NTDS Settings:
1. Run ADSIEdit.msc.
2.. Navigate through:
Configuration NC
CN=Configuration,DC=<domain name>, DC=<domain suffix>
CN=Sites
CN= <Site Name>
CN=Servers
3. On the server that has the orphaned NTDS Settings, right-click the NTDS Settings and press Delete.
NOTE: ADSIEDIT.msc is part of the Windows 2000 Support Tools.
