daniel-h
asked on
Delete domain from server and recreate domain
Hi experts,
I have the following infrastructure:
- One single Windows Server 2008 R2 configured as a domain controller for example.local
- Three workstations, Windows 7 Pro, members of example.local
- Three user accounts in example.local
I somehow managed to completely mess up DNS and DNS integration into AD (Active Directory / AD DS). Server Manager's 'Best Practice Analyzer' lists dozens of cryptic errors in AD and DNS. Domain users (roaming profiles) are no longer able to login to the domain, etc.
Correcting all these errors would take ages, so I guess it would be more efficient to totally remove the domain example.local and the DNS role from the server and rebuild the domain from scratch. I don't mind losing the user accounts or anything else in example.com (FSMO etc.) All can be deleted and rebuilt.
My goal would be to recreate a domain with the same name 'example.local' afterwards.
My basic plan is:
1. take the workstations out of the domain example.com => members of 'workgroup'
2. delete the locally stored parts of the roaming user profiles on the workstations (Windows 7 Pro)
3. remove the domain from the server
4. create a new domain (with the same name example.com) on the server
5. create new computer and user accounts on the new example.com domain
6. join the workstations to the domain
Two questions:
a) Is my basic plan OK?
b) I ask you for advice on how to do steps 2 and 3 correctly to reach my goal. Which processes do I have to follow?
Thanks for considering my problem.
Daniel
I have the following infrastructure:
- One single Windows Server 2008 R2 configured as a domain controller for example.local
- Three workstations, Windows 7 Pro, members of example.local
- Three user accounts in example.local
I somehow managed to completely mess up DNS and DNS integration into AD (Active Directory / AD DS). Server Manager's 'Best Practice Analyzer' lists dozens of cryptic errors in AD and DNS. Domain users (roaming profiles) are no longer able to login to the domain, etc.
Correcting all these errors would take ages, so I guess it would be more efficient to totally remove the domain example.local and the DNS role from the server and rebuild the domain from scratch. I don't mind losing the user accounts or anything else in example.com (FSMO etc.) All can be deleted and rebuilt.
My goal would be to recreate a domain with the same name 'example.local' afterwards.
My basic plan is:
1. take the workstations out of the domain example.com => members of 'workgroup'
2. delete the locally stored parts of the roaming user profiles on the workstations (Windows 7 Pro)
3. remove the domain from the server
4. create a new domain (with the same name example.com) on the server
5. create new computer and user accounts on the new example.com domain
6. join the workstations to the domain
Two questions:
a) Is my basic plan OK?
b) I ask you for advice on how to do steps 2 and 3 correctly to reach my goal. Which processes do I have to follow?
Thanks for considering my problem.
Daniel
Krzysztof Pytko
Are you sure that you want to do that that way? You will completely remove your existing domain. What about file server and resources permission? Could you describe a little bit more your domain infrastructure, please?
If you only want to removed a failed DC you can use these steps.
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
I wouldnt want to kill your domain entirely unless you in a LAB environment for yourself only.
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
I wouldnt want to kill your domain entirely unless you in a LAB environment for yourself only.
You could just format the server and build the new domain, then join the PC's to that new domain.
ASKER
The files to be shared on the file server (about 12 GB of data) have just been copied over from an external USB harddisk to the file server. No problem to do that again. This is a new installation that only worked during the installation phase and after changing NIC and IP ranges on the server became corrupted.
Therefore I am not expecting any issues with permissions on the files / file server.
Therefore I am not expecting any issues with permissions on the files / file server.
ASKER
@ Gavincr001
I don't want to reformat the harddisk and do a new installation of Windows Server 2008 R2 if I don't have to do that. Windows is already activated. I just would like to remove the function of domain controller / domain from the server.
I know Petri's article on removing a failed DC. But right now I don't know whether dcpromo would or would not finish successfully. Before starting to remove the domain I would like to collect the expert's thoughts on how to proceed to remove the domain / DC role without forgetting anything vital, because afterwards I would like to recreate a new domain with the same name.
I don't want to reformat the harddisk and do a new installation of Windows Server 2008 R2 if I don't have to do that. Windows is already activated. I just would like to remove the function of domain controller / domain from the server.
I know Petri's article on removing a failed DC. But right now I don't know whether dcpromo would or would not finish successfully. Before starting to remove the domain I would like to collect the expert's thoughts on how to proceed to remove the domain / DC role without forgetting anything vital, because afterwards I would like to recreate a new domain with the same name.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your comments. According to your confirmations I followed my plan. After dcpromo I also deinstalled most server roles. The I reinstalled AD DS, did dcpromo (incl. DNS) and added DHCP afterwards. All is working as it should now. Took me some time, but less than trying fo find a needle in the DNS haystack (there even must have been several needles hidden there...)
Cheers
Daniel
Cheers
Daniel