banner



What Is The Method For Removing A Domain Controller In Windows Server 2012 R2

Do you need to bench a domain controller?

Is your domain controller dead and you want to manually remove information technology?

No problem.

In this guide, I'll walk through 2 options to remove a domain controller. If you lot nonetheless take access to the server then option i is the preferred choice.

  • Option 1: Demote a Domain Controller Using Server Manager
    • Utilise this option if you still have access to the server.
  • Option ii: Manually Remove a Domain Controller
    • Use this pick if the server is dead or y'all no longer have admission to it.

In both examples, I'll be using Windows Server 2022 server but these steps will work for Server 2022 and upwardly.

Tip #1 Starting with Server 2008 domain controller metadata is cleaned upwards automatically. Windows Server 2003 server or earlier volition require using the ntdsutil command to cleanup metadata. With that said you still demand to manually remove the server from sites and services.

Tip #2 Make sure at that place are no other services running on the server (like DNS or DHCP) before shutting down the server. If you lot can avert this yous may salvage yourself a large headache.

Tip #3 If the domain controller you are removing has FSMO roles configured they volition get transferred to some other DC automatically. Yous can check this with the netdom query FSMO command.

Video Tutorial

If y'all don't like video tutorials or want more details, then go along reading the instructions beneath.

Pick one: Bench a Domain Controller Using Server Manager

This is Microsoft's recommended method for removing a domain controller.

Pace 1. Open Server Manager

Step 2. Select "Remote Roles and Features"

Click next on the "Before y'all brainstorm page"

Step 3. On the server selection folio, select the server you want to demote and click the next button.

In this instance, I'g demoting server "srv-2016"

Step iv. Uncheck "Active Directory Domain Services" on the Server Roles page.

When you lot uncheck you volition get a popup to remove features that require Active Directory Domain Services.

If you lot will programme on using the server to manage Active Directory then proceed these installed. In this example, I program to decommission the server then I will remove these direction tools.

Footstep 5. Select Demote this domain controller

On the side by side screen make certain you Do Non select "Strength the removal of this domain controller". You should only select this if you are removing the last domain controller in the domain.

You can also change credentials on this screen if needed.

Click Adjacent

Footstep 6. On the warnings screen, it will give you a warning this server hosts boosted roles. If you have customer computers using this server for DNS you will need to update them to point to a different server since the DNS function volition exist removed.

Check the box "Proceed with removal and click next

Step vii. If yous have DNS delegation y'all can select "Remove DNS delegation and click next. In most cases, you lot will not have DNS delegation and tin uncheck this box.

Stride 8. Now put in the new administrator password. This will be for the local ambassador account on this server.

Step ix. Review options and click "Demote"

#Tip – There is a "view script" push that generates a PowerShell script to automate all the steps we just walked through. If yous have additional domain controllers to remove yous could use this script.

When y'all click demote the server will be demoted and rebooted. In one case information technology reboots the server will be a member server. You can log in with domain credentials to the server.

Additional Cleanup Steps

For some reason, Microsoft decided not to include sites and services in the cleanup process. Maybe it's left in that location in case you want to promote the server back to a domain controller. If you are not going to promote the server back to a DC then follow these steps.

  1. Open up Agile Directory Sites and Services and remove the server

You can meet above the server I simply demoted is withal listed in sites and services. I'll but right-click on it and delete information technology.

That is it for option i. Y'all tin can go into the "Domain Controllers" binder and verify the server is removed. It's as well a good idea to run dcdiag after removing a DC to make sure your surroundings has no major errors.

You may also demand to review and test replication. Yous can use the repadmin command to test for replication issues.

Option 2: Manually Remove a Domain Controller

Use this selection if the server is dead, disconnected, or you lot merely can't access it. There is actually only one step.

Step 1. On another domain controller or computer with RSAT tools open up "Active Directory Users and Computers"

Get to the domain Controllers binder. Right click the domain controller you desire to remove and click delete.

On the next screen select the box "Delete this Domain Controller anyway" and click delete"

If the DC is a global catalog server you volition get an additional message to confirm the deletion. I'1000 going to click Yes.

That is pretty much it. Like shooting fish in a barrel hu?

The last step would be to remove the server from Sites and Services simply like I showed yous in choice ane.

As I mentioned at the top of this article starting with server 2008 the metadata cleanup is done automatically with both options. Most how to guides volition tell y'all to open up the control prompt and run the ntdsutil to cleanup the metadata. This is not needing if your server operating organisation is 2008 or above.

It seems easier to just manually remove the DC than going through the server managing director wizard. Technically I'm not sure what the deviation is simply Microsoft recommends using the removal wizard if you can. Utilise the transmission method equally a concluding option.

Summary

In this guide, I showed you lot 2 methods for removing a domain controller. Microsoft has fabricated this process very like shooting fish in a barrel by automatically cleaning up the metadata starting with server 2008. Every bit networks and systems are constantly irresolute in that location may come a time when you demand to remove a domain controller. I've provided some Microsoft links beneath if you would like to read more almost this topic.

Sources

  • https://docs.microsoft.com/en-us/windows-server/identity/advertisement-ds/deploy/demoting-domain-controllers-and-domains–level-200-
  • https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup – This article mentions how the metadata is automatically cleaned up using the GUI tools.
  • My 15+ years of Active Directory experience
  • Working with medium and large customer Advertising environments
  • Testing in my Active Directory Lab.

What Is The Method For Removing A Domain Controller In Windows Server 2012 R2,

Source: https://activedirectorypro.com/demote-domain-controller/

Posted by: crawfordthly1953.blogspot.com

0 Response to "What Is The Method For Removing A Domain Controller In Windows Server 2012 R2"

Post a Comment

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel