Solved

Removing Domain Controller and DFS Host from service

Posted on 2008-06-09
4
749 Views
Last Modified: 2010-05-18
Hi,

At one of our branches we are elimating their Windows 2003 Domain Controller that also has DFS on it. This server is a domain controller with a global catalog on it. Users used to authenticate to it and get dhcp from it. However we have made a new DHCP scope at headquarters and configured it to pass DHCP info to the branch. We need to get rid of this server, and I wonder what all I need to change to let this happen without breaking anything. We replaced it with a riverbed steelhead. Last time I tested the steelhead, I just shutdown the server. That caused all kinds of login and DFS problems. The dfs problems seems to mess with our other branches as well. So I turned it back on and the problems quit.

Its listed as a "Namespace server" with all the other servers.

So do I just delete its name from the "Namespace Servers" on the DFS management tool, and then run a DCPROMO to unjoin it from the Domain, and DNS replication and all that?

Since DHCP server gives them our DNS server at headquarters, will this allow them to authenticate to the server at headquarters?
Thanks
0
Comment
Question by:borgmember
  • 3
4 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 21745613
Was Domain Controller part was of the HQ domain or on it's own domain? If it was part of the HQ domain then you can demote the DC by using DCPROMO. Keep the DNS service on until you demote the server.

The client computers after the DC has been demoted will need to do a ipconfig /release and /renew to retrieve the new IP settings so they can use the HQ DNS which will allow them to authenicate to HQ Active Directory. You will have slow logon times becasue the logon requests will have to travel over the WAN.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21778462
Any update on this issue?
0
 

Author Comment

by:borgmember
ID: 21779115
Yes.

It went well. Heres what I did.

Opened DFS and removed the server from the namespace. If you hit the wrong delete button it wants to delete the entire root corporate wide, that would be bad! So be sure to remove server from namespace.

Did a DCPROMO to remove it failed waiting for the netlogon service.

Ran DCPROMO again and it successfully removed. Rebooted
Looged in as local admin
Removed DNS role
Added machine to a workgroup so it is no longer even a member server

Removed the server from AD sites and services. Pointed that site to the domain controller at headquarters.

So far we have had no complaints or problems. Thanks for the help!
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21780059
Not a problem.
0

Join & Write a Comment

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now