How do I demote a DC that has already been removed from AD?

Posted on 2009-05-01
Last Modified: 2012-05-06
So here's the scenario...we had a remote site go offline with network issues due to local ISP problems.  They have a win2k3 DC there that was slated to be demoted anyway, however since the remote site went offline early and was brought back up on a different subnet for a couple of weeks they decided to go ahead and remove the DC from AD using ntdsutil.  

Now they have the new router installed and the DC is pingable again, but when i remote in to demote it can't find another DC on the domain with its computer account because its already been wiped out of AD.

My question is simply is there a better solution to demote it other than using this:

Question by:Chynn
    LVL 14

    Accepted Solution

    LVL 1

    Expert Comment


    As you already removed this DC from the Active Directory using ntdsutil, it doesn't have any existence in the domain. Best way is to backup all data from this DC and reformat the system drive. Using the ntdsutil to remove a domain controller is always the last option and it used in case of complete hard drive failure.
    The thing is if you have already lost some FSMO roles you may have to use the ntdsutil to force distribute all the roles that belonged to the DC in question here.

    Author Closing Comment

    Just the answer I was looking for, this machine was only there as a DC for authentication purposes but did have a good bit of application and data responsibility, formatting the OS was not an optimal solution, /forceremove worked like a champ.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Suggested Solutions

    I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
    Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now