A. Scrap the DC and recreate it and promote to a DC again. You'll hear people telling you to run
which will just reset the password of the domain controller for the rest of the domain. But you run the risk of deleted objects being re-introduced if the DC has been restored to a state older than tombstone lifetime.
Taking snapshots of domain controllers in production is not supported or recommended. Just take normal backups and consider domain controllers expendable. Just run domain controller services on your DC and if a DC has some problem just wipe it and stand up another DC in its place.