updateStaleEntry.bat worked for one of the servers but not 100% the other one.
I then provided IBM with exports of the relevant DB2 tables (preReqDeployment and Deployment tables) and they then told me which entries to delete.
Removing the DB2 entries allowed me to delete the DR LDAP server. I also removed it from Global Security in WAS. System is now working as expected.