locked
Force Demote DC RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    How do I demote a DC by force that is no longer operating. I am on a Windows 2012 R2 domain infrastructure.

    Thursday, October 8, 2015 5:37 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

     You can follow the steps on article for demote server 2012 DC from domain

    https://technet.microsoft.com/en-us/library/dn265973.aspx?f=255&MSPPError=-2147217396

    You need to select "Force the removal of this domain controller..

    Then you will do a metadata cleanup for completely remove problematic dc from domain,

    Check for metadata cleanup

    https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

    Finaly make sure ADUC,DNS,DFS,AD Site and services records updated.

    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:35 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Thursday, October 8, 2015 5:47 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Try uninstalling the domain controller from powershell.

    Uninstall-ADDSDomainController
    using the -ForceRemoval switch.
    If the server is already down and cannot be recovered, then you can do the below.
    1. Go to Active Directory Sites and Services
    2. Delete the Server instance from the corresponding site where the DC exists
    3. Clean up the references of the Server from DNS
    4. Confirm that the Server is no more there in the Name Servers of the domain in DNS Manager
    5. Server is not listed anywhere for the Zone Transfers

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:36 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Thursday, October 8, 2015 7:52 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi-

    I have all the steps documented here - http://www.briandesmond.com/active-directory/remove-an-offline-domain-controller/

    Let me know if you have any questions.

    Thanks, Brian

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:36 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Thursday, October 8, 2015 9:31 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,,

    Please follow these steps below when trying to remove a Domain Controller forcefully:

    1. check if the DC is holding FSMO roles or not. If it is holding FSMO roles,  we need to seize FSMO roles to other domain controllers. You can refer to this article below for more detailed steps:

    http://social.technet.microsoft.com/wiki/contents/articles/832.transferring-fsmo-roles-in-windows-server-2008.aspx

    2.clean server metadata from active directory database. Please refer to Clean Up Server Metadata :

    https://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    3.delete all remaining DNS records of the cleaned DC.

    4.wait for the AD replication completed .

    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:36 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Friday, October 9, 2015 6:49 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

     You can follow the steps on article for demote server 2012 DC from domain

    https://technet.microsoft.com/en-us/library/dn265973.aspx?f=255&MSPPError=-2147217396

    You need to select "Force the removal of this domain controller..

    Then you will do a metadata cleanup for completely remove problematic dc from domain,

    Check for metadata cleanup

    https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

    Finaly make sure ADUC,DNS,DFS,AD Site and services records updated.

    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:35 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Thursday, October 8, 2015 5:47 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Try uninstalling the domain controller from powershell.

    Uninstall-ADDSDomainController
    using the -ForceRemoval switch.
    If the server is already down and cannot be recovered, then you can do the below.
    1. Go to Active Directory Sites and Services
    2. Delete the Server instance from the corresponding site where the DC exists
    3. Clean up the references of the Server from DNS
    4. Confirm that the Server is no more there in the Name Servers of the domain in DNS Manager
    5. Server is not listed anywhere for the Zone Transfers

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:36 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Thursday, October 8, 2015 7:52 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi-

    I have all the steps documented here - http://www.briandesmond.com/active-directory/remove-an-offline-domain-controller/

    Let me know if you have any questions.

    Thanks, Brian

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:36 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Thursday, October 8, 2015 9:31 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,,

    Please follow these steps below when trying to remove a Domain Controller forcefully:

    1. check if the DC is holding FSMO roles or not. If it is holding FSMO roles,  we need to seize FSMO roles to other domain controllers. You can refer to this article below for more detailed steps:

    http://social.technet.microsoft.com/wiki/contents/articles/832.transferring-fsmo-roles-in-windows-server-2008.aspx

    2.clean server metadata from active directory database. Please refer to Clean Up Server Metadata :

    https://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    3.delete all remaining DNS records of the cleaned DC.

    4.wait for the AD replication completed .

    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Wendy Jiang Monday, October 12, 2015 1:36 AM
    • Marked as answer by Amy Wang_ Thursday, October 15, 2015 2:18 AM
    Friday, October 9, 2015 6:49 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Brian, So I should really have to do is steps 1-4, is that correct.
    Friday, October 9, 2015 1:13 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Brian, So I should really have to do is steps 1-4, is that correct.

    You got it

    Thanks, Brian

    Friday, October 9, 2015 4:05 PM