Solved

How do you forcibly remove a DC ?

Posted on 2014-02-04
3
271 Views
Last Modified: 2014-03-07
Hi guys

Can you tell me your procedure of removing a DC ? I'm pretty sure there can be a situation when its not possible to even power on a DC - broken mobo for example - and every serious admin should have a ready plan for that scenario.

I'm talking about an environment where the highest ver of Win Server is 2008 R2.

Here is what I would do:

1. change IP settings of other DC(s) so they don't point to that failed DC for DNS.
2. Seize roles if it was FSMO role holder
3. clear DNS of any IP addresses of failed DC
4. remove DC object from users and computers
5. Set a different DC as a time server if necessary.

Is there anything you would change, skip, add ?

Please let me know. Unfortunately, as always - I need to add that I'm only interested in first hand experience.
0
Comment
Question by:tp-it-team
3 Comments
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 166 total points
ID: 39833290
In addition to what you have, see this KB:

http://support.microsoft.com/kb/555846/en-us
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 167 total points
ID: 39833301
The above is basically what you need to do. If the other suggestions i would have is ensure that there are no SRV records present anywhere under the _msdcs folder under your internal domain zone. If you see any IP's in there you should simply delete them.

Make sure that Sites and Services have the correct replication partners as well once you have removed the domain. If the computer objects still reside in there you can delete those as well.

You only need to perform a metadata cleanup when the DC has had any roles assigned to it. If the DC fails and there are no roles assigned at that time you can just delete the computer object (if you are at a 2008 level). 2003 will require a metadata cleanup.

Metadata Cleanup

Will.
0
 
LVL 9

Assisted Solution

by:rawinnlnx9
rawinnlnx9 earned 167 total points
ID: 39833307
I just did this very thing.

http://www.petri.co.il/understanding_fsmo_roles_in_ad.htm 
http://www.petri.co.il/transferring_fsmo_roles.htm
http://www.petri.co.il/determining_fsmo_role_holders.htm
http://www.petri.co.il/configure_a_new_global_catalog.htm

At the end on your new PDC run dcdiag and make sure everything passes. If anything fails google and the solutions are usually simple.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Hyper V cluster 2 31
Windows IPv6 DHCP server 8 35
Problem to search 5 23
No login server available 4 21
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now