• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4626
  • Last Modified:

Removing a Subdomain and DC from Domain

I have a domain (school.net) which has a sub-domain, (student.school.net).  The school.net domain has 2 DC's both of which are global GC's and one of those have FSMO roles.  The student.school.net domain has one DC, which I believe, by default, is the operations master for the sub-domain.
I have had problems off and on with the student.school.net DC (which is the only server in the sub-domain) and want to remove it and the sub-domain from domain.  I can, at this time, have it up and running and hooked to domain.
What is the best way to remove it from the domain?  If MS articles are referenced, please be ready to help interpret some of the article(s) explanation(s).
0
smantz
Asked:
smantz
  • 4
  • 3
  • 3
  • +1
2 Solutions
 
speshalystCommented:
this thread has a link to a Microsoft discussion which apparently solved a similar issue..
http://www.petri.co.il/forums/showthread.php?t=1954
 
0
 
sstopsCommented:
The best way is to use dcpromo to demote the server.
At one point you are asked is this is the last domain controller in the domain. You should answer with yes.

If I remember correctly there will be the question if this is the last domain controller in the forest you should answer with no.

Here are some hints on what to check / remember
http://technet.microsoft.com/en-us/library/cc740017.aspx
0
 
speshalystCommented:
looks like the link pointing to the MS site .. come up with a  "service not avialable temporarily" msg..
 
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Mike KlineCommented:
What you will have to do is run dcpromo and demote that box.
More on that here:
http://technet.microsoft.com/en-us/library/cc771839.aspx
Removing the Last Domain Controller in a Domain
Thanks
Mike
0
 
smantzAuthor Commented:
As I look at Technet cc771839.aspx, it appears that applies to Server 2008 and does not mention Server 2003.
In Technet cc740017, the author states,"Before you complete this procedure, verify that this domain controller is not the only global catalog and that it does not hold an operations master role."
If you look at operations master roles, the author states, "Every domain in the forest must have the following roles:
Relative ID (RID) master
Primary domain controller (PDC) emulator master
Infrastructure master
These roles must be unique in each domain. This means that each domain in the forest can have only one RID master, PDC emulator master, and infrastructure master."

In fact, this DC is the Operations Master for student.school.net.
So can I still follow that technet article?  I just want to make sure that I don't do something that will create more headaches.
SM


0
 
sstopsCommented:
Yes you can follow the article as you are going to remove the domain anyway. This only applies if you want to continue to have the domain up and running with other domain controllers. Then you need to transfer the FSMOs (operations master) first.
You just need to make sure that there are other GCs in the forest but judging from your initial description the GCs are in the parent domain.
0
 
Mike KlineCommented:
Right now if you run
netdom query fsmo in your root domain you will see that there are 5 FSMO roles in your parent domain.
In your child domain there will be the three roles.
Just make sure there are absolutely no resources or users or any objects that people still use in that child domain before you remove it.
 
Thanks
Mike
0
 
smantzAuthor Commented:
The Student.school.net DC/server hasn't been hooked up to the network for a while and hasn't had a chance to receive replication info.  I notice in the FSMO DC's Directory Service Log (many errors) that replication takes place once a day at night.  Should I wait to demote this DC until  replication takes place?  Can you attempt to "force replication"?
Also, when running DCPromo, will it ask about being the last DC in the Forest?
--SM
0
 
sstopsCommented:
You should have the DC connected to the network when you demote it otherwise it won't be able to remove the domain from the forest and you have to deal with a lot of orphaned information in the forest.

It should recognize that there is another domain left and should not ask if it is the last domain controller in the forest. It will ask however if it is the last DC in the domain. To this question you should answer yes. It will then remove the domain information for the subdomain from the forest.

You should let the DC replicate first to be on the safe side. I assume all DCs are in the same site so you should just wait and check the event log when it is done replicating.
0
 
smantzAuthor Commented:
Yes,
All the DCs are in the same site.  I guess I'll let this run and see if it replicates tonight.  The student DC did reconnect with the GC in the root domain.
--SM
0
 
Mike KlineCommented:
...and if some reason this process doesn't work (I think you will be fine)
there is a manual way to remove orpaned domains
http://support.microsoft.com/kb/230306
How to remove orphaned domains from Active Directory
The dcpromo should do the trick though.
 
Thanks
Mike
0
 
smantzAuthor Commented:
Thank you everyone for your help.  Sorry it has taken so long to get back.
Everything appears to have gone smoothly.
--SM
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 4
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now