Demoting one of the Domain Controller in the same forest
Hi friends,
I have a 2 different domains setup in the same forest. I have to demote one of the DC.
There is a transitive trust that has been created automatically.
My question is do i have to remove the trust prior to running DCpromo to demote? If yes
I am unable to remove the trust because the remove option has been grayed out, i tried through netdom command only one way was removed and other i am getting an error either access denied or target name incorrect.
Need your assistance in demoting the DC.
regards
vinod.s
I have a 2 different domains setup in the same forest. I have to demote one of the DC.
There is a transitive trust that has been created automatically.
My question is do i have to remove the trust prior to running DCpromo to demote? If yes
I am unable to remove the trust because the remove option has been grayed out, i tried through netdom command only one way was removed and other i am getting an error either access denied or target name incorrect.
Need your assistance in demoting the DC.
regards
vinod.s
I've demoted a DC before and did not have to do anything with trusts. It should be handled automatically. the only thing you need to be sure of is that the DC doesn't have any FSMO roles on it before you demote. It becomes more of a chore to transfer those by seizing them, rather than just transferring.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
the suggested options didn't help so i tried the below and it worked.
1. Recreated the two way trust which i had deleted previously.
2. added the administrator of the Domain B to the Enterprise Admins group in the root domain.(Domain A), for the Access denied Error
3. For the tombstone lifetime errror, added the entry Allow Replication with divergent and corrupt partner, replicated the server.
5. Verified no dependencies available on the DC
4. Started DCPROMO, and server demoted successfully.
1. Recreated the two way trust which i had deleted previously.
2. added the administrator of the Domain B to the Enterprise Admins group in the root domain.(Domain A), for the Access denied Error
3. For the tombstone lifetime errror, added the entry Allow Replication with divergent and corrupt partner, replicated the server.
5. Verified no dependencies available on the DC
4. Started DCPROMO, and server demoted successfully.
Thanks
Mike