Solved

Delete domain from server and recreate domain

Posted on 2010-08-26
8
869 Views
Last Modified: 2012-05-10
Hi experts,

I have the following infrastructure:

- One single Windows Server 2008 R2 configured as a domain controller for example.local
- Three workstations, Windows 7 Pro, members of example.local
- Three user accounts in example.local

I somehow managed to completely mess up DNS and DNS integration into AD (Active Directory / AD DS). Server Manager's 'Best Practice Analyzer' lists dozens of cryptic errors in AD and DNS. Domain users (roaming profiles) are no longer able to login to the domain, etc.

Correcting all these errors would take ages, so I guess it would be more efficient to totally remove the domain example.local and the DNS role from the server and rebuild the domain from scratch. I don't mind losing the user accounts or anything else in example.com (FSMO etc.) All can be deleted and rebuilt.
My goal would be to recreate a domain with the same name 'example.local' afterwards.

My basic plan is:
1. take the workstations out of the domain example.com => members of 'workgroup'
2. delete the locally stored parts of the roaming user profiles on the workstations (Windows 7 Pro)
3. remove the domain from the server
4. create a new domain (with the same name example.com) on the server
5. create new computer and user accounts on the new example.com domain
6. join the workstations to the domain

Two questions:
a) Is my basic plan OK?
b) I ask you for advice on how to do steps 2 and 3 correctly to reach my goal. Which processes do I have to follow?

Thanks for considering my problem.
Daniel

0
Comment
Question by:daniel-h
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33529242
Are you sure that you want to do that that way? You will completely remove your existing domain. What about file server and resources permission? Could you describe a little bit more your domain infrastructure, please?
0
 
LVL 4

Expert Comment

by:Gavincr001
ID: 33529256
If you only want to removed a failed DC you can use these steps.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

I wouldnt want to kill your domain entirely unless you in a LAB environment for yourself only.
0
 
LVL 4

Expert Comment

by:Gavincr001
ID: 33529263
You could just format the server and build the new domain, then join the PC's to that new domain.
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 2

Author Comment

by:daniel-h
ID: 33529305
The files to be shared on the file server (about 12 GB of data) have just been copied over from an external USB harddisk to the file server. No problem to do that again. This is a new installation that only worked during the installation phase and after changing NIC and IP ranges on the server became corrupted.
Therefore I am not expecting any issues with permissions on the files / file server.
0
 
LVL 2

Author Comment

by:daniel-h
ID: 33529339
@ Gavincr001
I don't want to reformat the harddisk and do a new installation of Windows Server 2008 R2 if I don't have to do that. Windows is already activated. I just would like to remove the function of domain controller / domain from the server.

I know Petri's article on removing a failed DC. But right now I don't know whether dcpromo would or would not finish successfully. Before starting to remove the domain I would like to collect the expert's thoughts on how to proceed to remove the domain / DC role without forgetting anything vital, because afterwards I would like to recreate a new domain with the same name.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 250 total points
ID: 33529368
OK then, disjoin PCs from domain, run dcpromo on DC from command-line and demote DC. Select that it is the last one DC in a domain. Uninstall also DNS role. Reboot server and start DCPROMO again. After that configure everything as you wrote (ad, dns, gc). After that authorize DHCP server if you have it installed on W2K8 server to serve IPs again.
0
 
LVL 11

Assisted Solution

by:sighar
sighar earned 250 total points
ID: 33529419
Since this is the only DC, I see no problem in just running dcpromo and remove the domain. You cannot remove a failde DC if you only have one...
If I were you, I'd take a better look at the DNS errors, though. It sounds a bit to me like the SRV records are messed up, and fixing it shouldn't be too hard. But if you don't want to spend time on it, then your way seems OK to me.
Remove the roaming user profiles from where you stored them (usually under Users).
0
 
LVL 2

Author Comment

by:daniel-h
ID: 33538241
Thanks for your comments. According to your confirmations I followed my plan. After dcpromo I also deinstalled most server roles. The I reinstalled AD DS, did dcpromo (incl. DNS) and added DHCP afterwards. All is working as it should now. Took  me some time, but less than trying fo find a needle in the DNS haystack (there even must have been several needles hidden there...)

Cheers
Daniel
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question