Domain controller lost. No demote please help

We lost our domain controller. Total system failure. Now exchange is still trying to locate that domain controller.

Getting a lot of errors that specify the old domain controller.

Example: An error caused a change in the current set of domain controllers. It was running the command 'Get -ExchangeServer'

How do you demote a domain controller when you no longer have access to it?
TommyCasanovaJanitorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Randy DownsOWNERCommented:
Try this

http://technet.microsoft.com/en-us/library/cc731871(WS.10).aspx

The procedures in this section describe how you can forcefully remove a domain controller running Windows Server 2008 or Windows Server 2008 R2. In Windows Server 2008 and Windows Server 2008 R2, you can forcefully remove a domain controller when it is started in Directory Services Restore Mode (DSRM).

Typically, you force the removal of a domain controller only if the domain controller has no connectivity with other domain controllers. Because the domain controller cannot contact other domain controllers during the operation, the Active Directory forest metadata is not updated automatically as it is when a domain controller is removed normally. Instead, you must update the forest metadata manually after you remove the domain controller. If you use the version of the Active Directory Users and Computers snap-in that is included with Windows Server 2008 or Windows Server 2008 R2. or the Microsoft Remote Server Administration Tools for Windows Vista (http://go.microsoft.com/fwlink/?LinkID=115118), you can clean up the metadata automatically by deleting the domain controller object.

The procedures in this section describe the following methods that you can use to forcefully remove a domain controller:

Forcing the removal of a domain controller by using the Windows interface

To use the Windows interface, you must start the Active Directory Domain Services Installation Wizard at the command line by running the dcpromo /forceremoval command.


Forcing the removal of a domain controller by using the command line


Forcing the removal of a domain controller by using an answer file

Forcing the removal of a domain controller by using the Windows interface
Administrative credentials

To forcefully remove a domain controller, you must be a member of the Domain Admins group.

To force the removal of a domain controller by using the Windows interface
1.At a command prompt, type the following command, and then press ENTER:

dcpromo /forceremoval

If the domain controller hosts any operations master (also known as flexible single master operations or FSMO) roles, or if it is a Domain Name System (DNS) server or a global catalog server, warnings appear that explain how the forced removal will affect the rest of the environment. After you read each warning, click Yes. If you want to suppress the warnings in advance of the removal operation, you must force the removal of Active Directory Domain Services (AD DS) by using an answer file. In the answer file, specify the parameter demotefsmo=yes.

2.On the Welcome to the Active Directory Domain Services Installation Wizard page, click Next.

3.On the Force the Removal of Active Directory Domain Services page, review the information about forcing the removal of AD DS and metadata cleanup requirements, and then click Next.

4.On the Administrator Password page, type and confirm a secure password for the local Administrator account, and then click Next.

5.On the Summary page, review your selections. Click Back to change any selections, if necessary.

To save the settings that you selected to an answer file that you can use to automate subsequent AD DS operations, click Export settings. Type a name for your answer file, and then click Save.

When you are sure that your selections are accurate, click Next to remove AD DS.

6.You can either select the Reboot on completion check box to have the server restart automatically or you can restart the server to complete the removal of AD DS when you are prompted to do so.

7.Open Server Manager. Click Start, point to Administrative Tools, and then click Server Manager.

8.In Roles Summary, click Remove Roles.

9.If necessary, review the information on the Before You Begin page, and then click Next.

10.On the Remove Server Roles page, clear the Active Directory Domain Services check box, and then click Next.

11.On the Confirm Removal Selections page, click Remove.

12.On the Removal Results page, click Close, and then click Yes to restart the server.


0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mike KlineCommented:
So in his case it sounds like he doesn't even have access to that DC so he can't even do a /forceremoval

A metadata cleanup would be the thing to do here.  http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx

Did this dead DC hold any FSMO roles?

Thanks

Mike
0
TommyCasanovaJanitorAuthor Commented:
MKline you are correct. I have no access to the DC.

looks like I am going to try the metadata cleanup and will see if it works.

The dead DC held all of the FSMO roles.

Standby for updates.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

kevinhsiehCommented:
After you do the metadata cleanup dig through the DNS records and delete all references to the old server.
0
Mike KlineCommented:
ok good info; so the dead DC held all the FSMO roles

You will need to seize the roles to another DC   http://www.petri.co.il/seizing_fsmo_roles.htm

Important **** Don't ever bring that dead DC back online once the roles have been seized ****

Thanks

Mike
0
TommyCasanovaJanitorAuthor Commented:
During the metadata cleanup at step 12. Type list servers in site and press ENTER. A list of servers in the site, each with an associated number, is displayed.

The server that I need to remove is not listed. Is it possible that I just need to seize the roles and all is well?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.