We have a two server domain running Windows server 2003. Due to a number of problems with the BDC that the previous IT person left, it has not replicated with the PDC in months. Amazing...
The problem now is that some authorization requests are going to it and some fail if they need any recent AD data.
The whole DC is a mess and there are many various errors logged and I have to slowly go through them and get it working. At this point I consider it a detriment to being a BDC and I'd like to stop it.
When I try and remove the BDC role, I get "login failure: the target account is invalid".
What I want to do is a way to "pause" it as a DC... not demote it (I'm not sure 100% all the ramifications of doing that at the moment). I have even thought of just shutting it down. The PDC has all the FSMO roles, GC, DNS, WINS, DHCP, etc.
Is there some service or something that I can stop? Just so it doesn't try and respond to any authorization requests? This has the advantage that if it is causing a problem by not being "active" from home I can just restart it again.
I know there are bigger issues to address... for the short term I just want this BDC to be out of the picture in as simple a way as possible.