Solved

Remove subdomain from 2003 Forest

Posted on 2011-09-21
9
600 Views
Last Modified: 2012-06-21
This is how our network was set up...

Main HQ with three branches.  We were going to have the TLD as company.local and then subdomains for each branch including a subdomain for HQ, which would be hq.company.local.  We went so far as to create the subdomain hq.company.local on a 2008 R2 box but never wound up using it.  The DC for hq.company.local has been powered off since April 2011.  AD Sites and Services indicates that AD Connections exist between hq.company.local and the TLD DCs as well as the other subdomain DCs.  We want to now remove the hq.company.local subdomain.  I just powered it back on and tried to run the AD replications to it manually using ADSS, which failed.

Since AD replication is failing to hq.company.local, I'm assuming that if I demote the hq.company.local domain controller that AD throughout the entire company will not reflect that the hq.company.local subdomain has been removed.  

Not quite sure where to start here in getting hq.company.local fully removed from my forest, which is in 2003 mode since all 3 TLD DCs are 2003 x64 Enterprise.  Any suggestions?
0
Comment
Question by:sedberg1
  • 5
  • 4
9 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573693
Try demoting if this fails then go through a metadata cleanup to remove the data out of AD.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:sedberg1
ID: 36573781
I understand that I would demote the hq.company.local domain controller.  However, the metadata cleanup would be done from where?  We have three DCs on the TLD: AD1, AD2, and AD3.  AD2 hosts all 5 FSMO roles.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573802
From any one of the functioning DCs.
0
 

Author Comment

by:sedberg1
ID: 36573960
So I had to force remove AD from the hq.company.local DC since it kept failing at authenticating with the TLD to remove DNS delegation.  The AD connections are still present in ADSS on the TLD.  Should I manually delete those?  Should I do that before or after metadata cleanup?
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 36575310
Do metadata cleanup
0
 

Author Comment

by:sedberg1
ID: 36575541
Ummm...so do I do metadata cleanup before or after deleting the AD connections?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36575596
Just do that metadata cleanup this will remove all lingering objects for this subdomain
0
 

Author Comment

by:sedberg1
ID: 36575736
The instructions are for removing a domain controller from a domain that includes more than one domain controller.  My issue is that this is a single domain controller in a subdomain.  If I remove the single domain controller, will it automatically remove the subdomain as well?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36576425
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now