Solved

Remove Active Directory from Domain Controller

Posted on 2002-03-04
7
291 Views
Last Modified: 2010-04-14
I have 1 domain including several domain controllers but one 1 domain controller has a problem and I want to format it. To do so, I have to remove active directory then format and reinstall Windowns2000 but when I remove active directory with command "dcpromo", File replication service cannot be stopped and other services have faced with that problem.
Now I cannot install/uninstall any software because the computer will not response or hang and I have to kill those applications.

If I format it without removing active directory, could I remove it from other domain controllers after I format?

Could you please give me any solutions how to remove active directory and format my domain controller?

Very thank you so much for your help.
0
Comment
Question by:annjung
7 Comments
 
LVL 1

Expert Comment

by:adowns
ID: 6840524
You could try to open the Services control panel under administrative tools and set the services that are giving you a hard time to start manually when the computer boots. This way you can restart the computer without these services running and dcpromo yourself out of the domain. Just to be safe I would do one service at a time and narrow it down. Good Luck, let us know what happens.
0
 

Author Comment

by:annjung
ID: 6840547
I've tried to do so(start service manually), but when I click apply/OK the computer wouldn't response and hang for several minutes.
Do you have any advice?
Thanks for your help.
0
 
LVL 10

Accepted Solution

by:
AndresM earned 50 total points
ID: 6841327
When a domain controller is demoted, if it is not the last domain controller in the domain, it performs a final replication and then transfers the roles to another domain controller. As part of the demotion process, the Dcpromo utility removes the configuration data for the domain controller from Active Directory. This data takes the form of an NTDS Settings object, which exists as a child to the server object in Active Directory Sites and Services Manager. After the domain controller is demoted it no longer has Active Directory information available, and uses the Security Accounts Manager (SAM) database for local database information. If the domain controller is a global catalog, that role is not transferred to another domain controller. In this case, you must manually select the check box in Active Directory Sites and Services Manager for another domain controller to take over the role.
If the demotion process does not succeed for any reason, you must manually delete this metadata from the directory. Use the Ntdsutil.exe utility to manually remove the NTDS Settings object. For additional information about how to use Ntdsutil.exe, click the article number below to view the article in the Microsoft Knowledge Base:
How to Remove Data in the Active Directory After an Unsuccessful Domain Controller Demotion (Q216498)
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q216498
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 17

Expert Comment

by:mikecr
ID: 6841352
AndresM is correct. If you use the Ntdsutil program, you will be able to wipe the old information from AD of that domain controller.
0
 
LVL 1

Expert Comment

by:TedSenn
ID: 6841502
You could also boot a DOS disk run FDISK and delete the partitions since you were going to start over anyway.
0
 
LVL 14

Assisted Solution

by:AvonWyss
AvonWyss earned 50 total points
ID: 6841650
You can manually remoce a domain controller from the Active Directory, but this is not the suggested thing to do. Also, if you demote a DC, you should not propote another computer with the same computer name again. So, if you format, give the server a new name.

Try this:
* Disconnect the DC in question from the network.
* Start in safe mode.
* If installed, remove the Certificate Authority.
* In the services control panel, disable all the following if applicable: NTFRS, DFS, DHCP, DNS, Indexing Service, IISADMIN

Reboot and try to demote now.
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 8904383
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
[split avonwyss andresm]
Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
[ewtaylor]
EE Cleanup Volunteer
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now