Removed server from AD manually but having issues with it....

Posted on 2006-04-12
Last Modified: 2011-09-20
We did a migration this weekend and could not get one of our DC's to removed AD.  We then went in and manually deleted it out of Active Directory as a domain controller.  

Now, anytime we try to apply security settings to a folder on that machine it can not access the domain.   The only account that can authenticate are those accounts that are domain admins.

How can we clean this up so that it is just another computer on the domain?

Question by:lttech
    LVL 51

    Expert Comment

    You need to do a metadata cleanup now:
    LVL 26

    Expert Comment


    Typically, only those with server operator or higher rights can log into a server.

    If this DC (call it DC001) has not been demoted, try at a command prompt:

    dcpromo /forceremoval

    If it has been demoted, try this:

    Unplug network cable.
    change its memebership from domain to workgroup.
    Log on with local admin account.
    reconnect LAN cable.
    Join to domain.
    Log on with domain admin account.
    Set permissions as necessary.



    Author Comment

    Hey guys...Neither suggestion works.

    I can not remove it using DCPROMO because it will not find a server with its account information on it.  I actually ran the metadata cleanup process already to manually take it off of the domain.  But now, it is sitting with AD still installed but broken....I cannot make it a member of a workgroup either because it says it is a domain controller....The actual computer we are having the issue with is Win 2000.
    LVL 4

    Expert Comment

    I know that you stated you had already performed a metadata cleanup, but follow these guidelines in their entirety and see if it helps:

    It has helped me in the past,

    Good Luck,

    LVL 51

    Accepted Solution

    Easy enough.

    Run DCPROMO /forceremoval

    on the broken DC.

    You may need to re-add it as a member server afterwards.


    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
    This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now