Force a server 2008 to stop acting as a domain controller
I have a 2 server environment with a Server 2003 DC and a Server 2008 DC. The ops masters are on the Server 2003. The DCs stopped replicating and the Server 2008 has been tombstoned and is no longer recognized as a DC. DCPROMO on the server 2008 to get it to try and rejoin the domain gracefully, fails because it can't find the primary DC. The server 2008 is working fine except now sometimes the security stops people from accessing the files and printers.
How can remote, demote, or tell the server 2008 to stop acting as a DC. So I can forcefully remove it Active Diretory and then re-dcpromo it back as at DC? I once went through a process with Microsoft that edited the registry so a tombstoned DC would stop acting as a DC and would allow another dcpromo to add it back to the domain after adsiedit was used to remove the dc from Active Directory.
How can remote, demote, or tell the server 2008 to stop acting as a DC. So I can forcefully remove it Active Diretory and then re-dcpromo it back as at DC? I once went through a process with Microsoft that edited the registry so a tombstoned DC would stop acting as a DC and would allow another dcpromo to add it back to the domain after adsiedit was used to remove the dc from Active Directory.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Perform force removal first then cleanup the metadata of culprit server then seize the roles to working DC then you can repromote the server to the domain
Reference link
Forcefull removal of DC:
http://support.microsoft.com/kb/332199 (2003)
http://technet.microsoft.com/en-us/library/cc731871(v=ws.10).aspx (2008)
Metadata cleanup:
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
Seize FSMO role:
http://www.petri.co.il/seizing_fsmo_roles.htm