Get-ADDomainController returns error “Directory Object not found” when using -Filter *

We recently encountered an error when using Get-ADDomainController against a domain that had a partially decommissioned domain controller (partial demotion). When run with -Filter *, Get-ADDomainController would return “Directory Object not found” and provide no other details.
Using the script below, we queried Active Directory for each domain controller in that domain in turn until the lookup failed on the faulty DC, which gave us our first clue to the offending server.

(Get-ADDomain -Identity 'childdomain.domain.com').ReplicaDirectoryServers | ForEach {Get-ADDomainController -Identity $_ -Server 'childdomain.domain.com' }

Turns out there were some replication issues, visible only on the faulty DC, resulting from the partial DC demotion, requiring a metadata cleanup.
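
The same per-DC loop as an added example (not the original post's code), wrapped in try/catch so that every replica is reported with a status and the failing server is named alongside its error message. The function name Test-DomainControllerLookup is hypothetical; childdomain.domain.com is the domain used in the one-liner above.

```powershell
# Added example; requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Test-DomainControllerLookup {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Domain
    )

    $adDomain = Get-ADDomain -Identity $Domain -ErrorAction Stop

    # Writable and read-only replicas are listed in separate properties.
    $replicas = @($adDomain.ReplicaDirectoryServers) +
                @($adDomain.ReadOnlyReplicaDirectoryServers)

    foreach ($dc in $replicas) {
        try {
            # -ErrorAction Stop makes the failure catchable for this one DC.
            $result = Get-ADDomainController -Identity $dc -Server $Domain -ErrorAction Stop
            [pscustomobject]@{
                DomainController = $dc
                Status           = 'OK'
                Site             = $result.Site
                Detail           = $null
            }
        }
        catch {
            # A DC that is still listed but cannot be resolved lands here.
            [pscustomobject]@{
                DomainController = $dc
                Status           = 'FAILED'
                Site             = $null
                Detail           = $_.Exception.Message
            }
        }
    }
}

Test-DomainControllerLookup -Domain 'childdomain.domain.com' |
    Sort-Object Status |
    Format-Table -AutoSize
```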
