?
Solved

Delete domain from server and recreate domain

Posted on 2010-08-26
8
Medium Priority
?
870 Views
Last Modified: 2012-05-10
Hi experts,

I have the following infrastructure:

- One single Windows Server 2008 R2 configured as a domain controller for example.local
- Three workstations, Windows 7 Pro, members of example.local
- Three user accounts in example.local

I somehow managed to completely mess up DNS and DNS integration into AD (Active Directory / AD DS). Server Manager's 'Best Practice Analyzer' lists dozens of cryptic errors in AD and DNS. Domain users (roaming profiles) are no longer able to login to the domain, etc.

Correcting all these errors would take ages, so I guess it would be more efficient to totally remove the domain example.local and the DNS role from the server and rebuild the domain from scratch. I don't mind losing the user accounts or anything else in example.com (FSMO etc.) All can be deleted and rebuilt.
My goal would be to recreate a domain with the same name 'example.local' afterwards.

My basic plan is:
1. take the workstations out of the domain example.com => members of 'workgroup'
2. delete the locally stored parts of the roaming user profiles on the workstations (Windows 7 Pro)
3. remove the domain from the server
4. create a new domain (with the same name example.com) on the server
5. create new computer and user accounts on the new example.com domain
6. join the workstations to the domain

Two questions:
a) Is my basic plan OK?
b) I ask you for advice on how to do steps 2 and 3 correctly to reach my goal. Which processes do I have to follow?

Thanks for considering my problem.
Daniel

0
Comment
Question by:daniel-h
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33529242
Are you sure that you want to do that that way? You will completely remove your existing domain. What about file server and resources permission? Could you describe a little bit more your domain infrastructure, please?
0
 
LVL 4

Expert Comment

by:Gavincr001
ID: 33529256
If you only want to removed a failed DC you can use these steps.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

I wouldnt want to kill your domain entirely unless you in a LAB environment for yourself only.
0
 
LVL 4

Expert Comment

by:Gavincr001
ID: 33529263
You could just format the server and build the new domain, then join the PC's to that new domain.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Author Comment

by:daniel-h
ID: 33529305
The files to be shared on the file server (about 12 GB of data) have just been copied over from an external USB harddisk to the file server. No problem to do that again. This is a new installation that only worked during the installation phase and after changing NIC and IP ranges on the server became corrupted.
Therefore I am not expecting any issues with permissions on the files / file server.
0
 
LVL 2

Author Comment

by:daniel-h
ID: 33529339
@ Gavincr001
I don't want to reformat the harddisk and do a new installation of Windows Server 2008 R2 if I don't have to do that. Windows is already activated. I just would like to remove the function of domain controller / domain from the server.

I know Petri's article on removing a failed DC. But right now I don't know whether dcpromo would or would not finish successfully. Before starting to remove the domain I would like to collect the expert's thoughts on how to proceed to remove the domain / DC role without forgetting anything vital, because afterwards I would like to recreate a new domain with the same name.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 1000 total points
ID: 33529368
OK then, disjoin PCs from domain, run dcpromo on DC from command-line and demote DC. Select that it is the last one DC in a domain. Uninstall also DNS role. Reboot server and start DCPROMO again. After that configure everything as you wrote (ad, dns, gc). After that authorize DHCP server if you have it installed on W2K8 server to serve IPs again.
0
 
LVL 11

Assisted Solution

by:sighar
sighar earned 1000 total points
ID: 33529419
Since this is the only DC, I see no problem in just running dcpromo and remove the domain. You cannot remove a failde DC if you only have one...
If I were you, I'd take a better look at the DNS errors, though. It sounds a bit to me like the SRV records are messed up, and fixing it shouldn't be too hard. But if you don't want to spend time on it, then your way seems OK to me.
Remove the roaming user profiles from where you stored them (usually under Users).
0
 
LVL 2

Author Comment

by:daniel-h
ID: 33538241
Thanks for your comments. According to your confirmations I followed my plan. After dcpromo I also deinstalled most server roles. The I reinstalled AD DS, did dcpromo (incl. DNS) and added DHCP afterwards. All is working as it should now. Took  me some time, but less than trying fo find a needle in the DNS haystack (there even must have been several needles hidden there...)

Cheers
Daniel
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Suggested Courses
Course of the Month8 days, 13 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question