Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


What's happens to client computers if you end a domain

Posted on 2008-11-19
Medium Priority
Last Modified: 2012-05-05
I am trying to think of the ramifications of doing a dcpromo on a single dc to end the domain and then reboot and run it again to join a new domain in an existing forest.   If I do this, what will happen to any client computers that were members of the old domain?
Question by:stl-it
  • 2
LVL 20

Accepted Solution

MightySW earned 2000 total points
ID: 23000270
If you are "ending" the domain by running dcpromo and selecting that this is the last domain controller in the domain then essentially the DOMAIN_NAME name will no longer exist and therefore the operations masters, schema, and GC's will just go away as they are removed from the DC.  The computers will still think that they are in the old domain so you will need to be sure that you have the local administrator account and password squared away on every one of those workstations so you can removed that old domain and then add them to the new domain later.

LVL 37

Expert Comment

by:Jian An Lim
ID: 23000313
are you going to "end" the domain and join as a child?

or do you just want to remove this DC from the domain and rejoin again?
LVL 20

Expert Comment

ID: 23000372
Unless this is a lab environment I wouldn't suggest this.  

What you should do is setup a trust, and then setup the ACL's for the other forest.  By default this trust will be two way transitive so you should be good to go.  You can setup DNS to point to the other domain and vice versa for lookups for that domain name.  

This is when it gets fun (yeah, like its really fun!)

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question