How can I change the designated AD controller?

What did you do to "retire" the old server? Since you said you seized the roles, I'm assuming you didn't properly replicate then move the roles over and then eventually DCPROMO the old DC to remove it as a DC.

In that situation, AD still thinks the old DC is "around".

The good thing is that as of Windows Server 2008 and above, the process for cleaning up a "failed" DC (in your case already physically destroyed) is much easier than back in the 2003 days.

https://blogs.technet.microsoft.com/canitpro/2016/02/17/step-by-step-removing-a-domain-controller-server-manually/

Follow the above article, that states:

Step 1: Cleaning up metadata via Active Directory Users and Computers Log in to DC server as Domain/Enterprise administrator and navigate to Server Manager > Tools > Active Directory Users and Computers Expand the Domain > Domain Controllers

Right click on the DC server that need to remove manually and click delete In next dialog box, click yes to confirm In next dialog box, select This Domain Controller is permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO) and click Delete If the domain controller is global catalog server, in next window click yes to continue with deletion If the domain controller holds any FSMO roles in next window, click ok to move them to the domain controller which is available

Step 2: Cleaning up the DC server instance from the Active Directory Sites and Services

Go to Server manager > Tools > Active Directory Sites and Services
Expand the Sites and go to the server which need to remove Right click and click Delete In next window click yes to confirm

After some good help from the other replies and some more googling, I solved the problem by editing the registry...

Edit this key to point to the correct DC Server (as per this post) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Server\ADContext\ConnectedDc

Delete these keys (as per this, this and this) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS\Parameters\Src Root Domain Srv HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NTDS\Parameters\Src Root Domain Srv HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\Src Root Domain Srv HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS\Parameters\Src Srv objectGuid HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NTDS\Parameters\Src Srv objectGuid HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\Src Srv objectGuid

In your situation you can treat your old server as a primary DC that has failed. Luckily this wasn't your only DC as you had the new server as a backup DC! (Please keep it that way!)

It is possible to transfer or seize FSMO roles to another domain controller with ntdsutil.exe.

As you should be really careful when doing this, I suggest taking time to read and learn:

• TechNet blog tutorial: Seizing the Operation Master Roles in Windows Server 2012 R2.
• Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller

Those without disaster recovery plans or running all roles from one DC, while not recommended, is sometimes unavoidable in some smaller sized businesses. The major concern with running all roles off one DC is that the roles cannot be migrated to another server should said server crash. The only way to migrate these roles is by seizing the operation master roles should no disaster recovery plan exist.

The steps for seizing the operation master roles after a crash (or a destroyed by BOFH event):

1. Log in as domain administrator.
2. Start elevated command prompt.
3. ntdsutil
4. roles
5. connections
6. connect to server <FQDN of role holder>
7. quit

8. seize schema master, yes (to a popup that appears)

   seize naming master, yes

   seize RID master, yes

   seize PDC, yes

   seize infrastructure master, yes

9. Type quit to exit from ntdsutil once the last command has been entered.