[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Delete domain from server and recreate domain

Posted on 2010-08-26
8
Medium Priority
?
871 Views
Last Modified: 2012-05-10
Hi experts,

I have the following infrastructure:

- One single Windows Server 2008 R2 configured as a domain controller for example.local
- Three workstations, Windows 7 Pro, members of example.local
- Three user accounts in example.local

I somehow managed to completely mess up DNS and DNS integration into AD (Active Directory / AD DS). Server Manager's 'Best Practice Analyzer' lists dozens of cryptic errors in AD and DNS. Domain users (roaming profiles) are no longer able to login to the domain, etc.

Correcting all these errors would take ages, so I guess it would be more efficient to totally remove the domain example.local and the DNS role from the server and rebuild the domain from scratch. I don't mind losing the user accounts or anything else in example.com (FSMO etc.) All can be deleted and rebuilt.
My goal would be to recreate a domain with the same name 'example.local' afterwards.

My basic plan is:
1. take the workstations out of the domain example.com => members of 'workgroup'
2. delete the locally stored parts of the roaming user profiles on the workstations (Windows 7 Pro)
3. remove the domain from the server
4. create a new domain (with the same name example.com) on the server
5. create new computer and user accounts on the new example.com domain
6. join the workstations to the domain

Two questions:
a) Is my basic plan OK?
b) I ask you for advice on how to do steps 2 and 3 correctly to reach my goal. Which processes do I have to follow?

Thanks for considering my problem.
Daniel

0
Comment
Question by:daniel-h
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33529242
Are you sure that you want to do that that way? You will completely remove your existing domain. What about file server and resources permission? Could you describe a little bit more your domain infrastructure, please?
0
 
LVL 4

Expert Comment

by:Gavincr001
ID: 33529256
If you only want to removed a failed DC you can use these steps.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

I wouldnt want to kill your domain entirely unless you in a LAB environment for yourself only.
0
 
LVL 4

Expert Comment

by:Gavincr001
ID: 33529263
You could just format the server and build the new domain, then join the PC's to that new domain.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 2

Author Comment

by:daniel-h
ID: 33529305
The files to be shared on the file server (about 12 GB of data) have just been copied over from an external USB harddisk to the file server. No problem to do that again. This is a new installation that only worked during the installation phase and after changing NIC and IP ranges on the server became corrupted.
Therefore I am not expecting any issues with permissions on the files / file server.
0
 
LVL 2

Author Comment

by:daniel-h
ID: 33529339
@ Gavincr001
I don't want to reformat the harddisk and do a new installation of Windows Server 2008 R2 if I don't have to do that. Windows is already activated. I just would like to remove the function of domain controller / domain from the server.

I know Petri's article on removing a failed DC. But right now I don't know whether dcpromo would or would not finish successfully. Before starting to remove the domain I would like to collect the expert's thoughts on how to proceed to remove the domain / DC role without forgetting anything vital, because afterwards I would like to recreate a new domain with the same name.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 1000 total points
ID: 33529368
OK then, disjoin PCs from domain, run dcpromo on DC from command-line and demote DC. Select that it is the last one DC in a domain. Uninstall also DNS role. Reboot server and start DCPROMO again. After that configure everything as you wrote (ad, dns, gc). After that authorize DHCP server if you have it installed on W2K8 server to serve IPs again.
0
 
LVL 11

Assisted Solution

by:Sigurdur Haraldsson
Sigurdur Haraldsson earned 1000 total points
ID: 33529419
Since this is the only DC, I see no problem in just running dcpromo and remove the domain. You cannot remove a failde DC if you only have one...
If I were you, I'd take a better look at the DNS errors, though. It sounds a bit to me like the SRV records are messed up, and fixing it shouldn't be too hard. But if you don't want to spend time on it, then your way seems OK to me.
Remove the roaming user profiles from where you stored them (usually under Users).
0
 
LVL 2

Author Comment

by:daniel-h
ID: 33538241
Thanks for your comments. According to your confirmations I followed my plan. After dcpromo I also deinstalled most server roles. The I reinstalled AD DS, did dcpromo (incl. DNS) and added DHCP afterwards. All is working as it should now. Took  me some time, but less than trying fo find a needle in the DNS haystack (there even must have been several needles hidden there...)

Cheers
Daniel
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question