Solved

Remove subdomain from 2003 Forest

Posted on 2011-09-21
9
604 Views
Last Modified: 2012-06-21
This is how our network was set up...

Main HQ with three branches.  We were going to have the TLD as company.local and then subdomains for each branch including a subdomain for HQ, which would be hq.company.local.  We went so far as to create the subdomain hq.company.local on a 2008 R2 box but never wound up using it.  The DC for hq.company.local has been powered off since April 2011.  AD Sites and Services indicates that AD Connections exist between hq.company.local and the TLD DCs as well as the other subdomain DCs.  We want to now remove the hq.company.local subdomain.  I just powered it back on and tried to run the AD replications to it manually using ADSS, which failed.

Since AD replication is failing to hq.company.local, I'm assuming that if I demote the hq.company.local domain controller that AD throughout the entire company will not reflect that the hq.company.local subdomain has been removed.  

Not quite sure where to start here in getting hq.company.local fully removed from my forest, which is in 2003 mode since all 3 TLD DCs are 2003 x64 Enterprise.  Any suggestions?
0
Comment
Question by:sedberg1
  • 5
  • 4
9 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573693
Try demoting if this fails then go through a metadata cleanup to remove the data out of AD.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:sedberg1
ID: 36573781
I understand that I would demote the hq.company.local domain controller.  However, the metadata cleanup would be done from where?  We have three DCs on the TLD: AD1, AD2, and AD3.  AD2 hosts all 5 FSMO roles.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573802
From any one of the functioning DCs.
0
Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

 

Author Comment

by:sedberg1
ID: 36573960
So I had to force remove AD from the hq.company.local DC since it kept failing at authenticating with the TLD to remove DNS delegation.  The AD connections are still present in ADSS on the TLD.  Should I manually delete those?  Should I do that before or after metadata cleanup?
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 36575310
Do metadata cleanup
0
 

Author Comment

by:sedberg1
ID: 36575541
Ummm...so do I do metadata cleanup before or after deleting the AD connections?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36575596
Just do that metadata cleanup this will remove all lingering objects for this subdomain
0
 

Author Comment

by:sedberg1
ID: 36575736
The instructions are for removing a domain controller from a domain that includes more than one domain controller.  My issue is that this is a single domain controller in a subdomain.  If I remove the single domain controller, will it automatically remove the subdomain as well?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36576425
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question