There are ways to demote a DC depending on the OS versions @https://amazfliptech.blogspot.in/
1) DCPROMO for Windows 2008/ 2003 OS
2) Server Manager for Windows 2012 servers
Prerequisite:-
FSMO Rolls - You need to make sure, FSMO rolls are transferred to other Domain controllers, if this is not a last DC in your domain. Below is command to check FSMO roles.
Type :- netdom query fsmo in elevated command prompt. and check if there any FSMO rolls which needs to be transferred or sized.
Basic Server Check: Take a backup of ipconfig /all, route information, net start - for running services etc.
Before proceeding with decommission, you need to check
#Snapshot are from windows 2008 servers.
1) First Instructions - Considering this a last Global Catalog server from a domain. If not, For business perspective we should be having additional site to process the domain request for other users/machines for logon purpose.
- In Windows 2008/2003 mahcines, we generally use DCPROMO in RUN command options to remove the Domain controller from the Domain environment.
Click Run > type DCPROMO - POP up window will guide you with the instruction.
Click Next
Next windows will ask to delete all the directory partition for this domain controller ( We have Forest root, Configuration, schema and domain active directory partitions) . Check the box and Select NEXT
Point to Remember:-
If this is your last domain controller in the forest, then there is no need of metadata clean up - metadata clean will help you to clean all the entries across all the domains.
Metadata will remove FRS and DFS replication connections and attempt to size any FSMO rolls that affected Domain controller holds and also clean any information from other domain in the forest.
2) Demoting Windows 2012 machine
Prerequisite are the same as above.
Here we are making use of Server Manager to demote a Domain controller and will be removing AD DS roles from server.
Open Server Manager
Click on Remove Roles and feature option
Click on Next
Need to Select the server name which you want to demote the server from domain and click Next.
2) Server Manager for Windows 2012 servers
Prerequisite:-
- Enterprise domain admin account to perform this task.
- FSMO rolls
- Basic Server check
FSMO Rolls - You need to make sure, FSMO rolls are transferred to other Domain controllers, if this is not a last DC in your domain. Below is command to check FSMO roles.
Type :- netdom query fsmo in elevated command prompt. and check if there any FSMO rolls which needs to be transferred or sized.
Basic Server Check: Take a backup of ipconfig /all, route information, net start - for running services etc.
Before proceeding with decommission, you need to check
#Snapshot are from windows 2008 servers.
1) First Instructions - Considering this a last Global Catalog server from a domain. If not, For business perspective we should be having additional site to process the domain request for other users/machines for logon purpose.
- In Windows 2008/2003 mahcines, we generally use DCPROMO in RUN command options to remove the Domain controller from the Domain environment.
Click Run > type DCPROMO - POP up window will guide you with the instruction.
Click Next
You will be asked whether this is last domain in the domain environment, in my case this is a test environment and I have selected the option " Delete the domain because this server is the last domain controller in the domain" and click NEXT
Next windows will ask to delete all the directory partition for this domain controller ( We have Forest root, Configuration, schema and domain active directory partitions) . Check the box and Select NEXT
Below window explain about the Active Directory integrated zones if this was your root domain and will be asked to delete those DNS Zones. Please select the check box and proceed Next.
This will start to erase all information from domain for this server and you will be asked to reboot the server in few mins.
If this is your last domain controller in the forest, then there is no need of metadata clean up - metadata clean will help you to clean all the entries across all the domains.
Metadata will remove FRS and DFS replication connections and attempt to size any FSMO rolls that affected Domain controller holds and also clean any information from other domain in the forest.
2) Demoting Windows 2012 machine
Prerequisite are the same as above.
Here we are making use of Server Manager to demote a Domain controller and will be removing AD DS roles from server.
Open Server Manager
Click on Remove Roles and feature option
Need to Select the server name which you want to demote the server from domain and click Next.
Then we have to select the Active directory roles to remove this from server - Select AD DS service and it will have corresponding services like AD Tools and AD Administrator center and Click Next
Select the Second Option "Last Domain controller in the domain"
and Click Next
Click Next
Click remove Features and proceed further, Select Demote option and window will remove the AD completely and ask for reboot once completed.
0 comments:
Post a Comment