Fully disjoin production W2K3 server from Active Directory domain
Posted on 2012-09-08
I have a W2K3 server that I have removed from production and would like to keep as a testbed server. In addition to disjoining it from the Active Directory domain, I realize that there are some additional steps that I must take in order to assume full administrative control of the server.
For example, the backup software application formerly used a domain user account to run its related services. It would not execute after removing it from the domain. So, I reconfigured the services to use the local system account and now it runs.
Aside from that there is the issue of group policy. Even though the server is no longer joined to the domain, the group policy settings that were applied at the time that I disjoined it from the domain are still in effect until I explicitly edit them, true? Since I don't know all of the specific policy settings that were applied, I would like to import a security template to essentially return the server to a "default" security status as if I just freshly installed Windows Server 2003.
Any suggestions and any additional considerations that you think I should take into account would be greatly appreciated. I may be overlooking some things.