Solved

Demote Exchange 2007/Windows 2003 server with certificate services

Posted on 2009-04-09
2
330 Views
Last Modified: 2012-05-06
I've inherited a Windows 2003 / Exchange 2007 server that is a domain controller with the global catalog on it. It is also multi-homed because the Exchange databases reside on an iSCSI SAN. I would like to demote it, but it says I can't until I remove the Certificate services. The articles I've read on this only talk about setting up another server with the same name and backing up/restoring the certificates which I don't really want to do.
We are having all sorts of problems with startup times (currently takes about 30 minutes to restart), sometimes the main network card doesn't work until it is disabled and re-enabled after startup, and when this server is restarting I have some problems logging into other servers even-though I have two other domain controllers on the network. So I think I have multiple issues going on here, but am hoping that getting this server properly demoted will solve a lot of them. Any insight, order in which I should attempt this or general advice would be much appreciated.
0
Comment
Question by:GBP
2 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 24109532

You don't want to demote that server. The fact you received an error during the demotion is a good thing, because had you proceeded with the procedure, you would have broken Exchange, requiring a complete reinstall and recovery from backup.

To demote the server, you will NEED to remove Exchange (or temporarily rehome it to another server), uninstall Exchange from this server, dcpromo down, then reinstall Exchange. You cannot run dcpromo for promotion/demotion on any server with Exchange installed; it simply isn't possible.

-Matt
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question