Simon336697
asked on
DCPromo demotion script for 2008 R2 - works but retains sysvol folder and its contents
Dear guys,
I hope you are all well and can assist.
I am attempting to script the process of demoting a domain controller, a 2008 R2 domain controller.
I have done the following.
dcpromo.exe /unattend:DCDEMOTE_2008R2_ step1.INI
========================== ========== ========== ==== DCDEMOTE_2008R2_step1.INI
[DCINSTALL]
UserName=tester
UserDomain=test.net
Password=*
AdministratorPassword=abc1 23
RemoveApplicationPartition s=Yes
IsLastDCInDomain=No
RebootOnSuccess=Yes
All looks fine....reboot and logon ...
- The NTDS service and all actice directory dependent services have been disabled
- The NTDS Settings object in AD Sites and Services is gone
- The Role of Active Directory Domain Services is still available, but disabled
- Doing a "net share" reveals that the shares sysvol and netlogon have been removed
However, the c:\windows\sysvol folder on disk:
1) has not been deleted.
2) doing a dir reveals:
Directory of c:\windows\sysvol
13/11/2013 12:12 AM <DIR> .
13/11/2013 12:12 AM <DIR> ..
13/11/2013 12:14 AM <DIR> domain
13/11/2013 12:12 AM <DIR> staging
13/11/2013 12:12 AM <DIR> staging areas
13/11/2013 12:12 AM <DIR> sysvol
And all the group policies and scripts are still there. So, the demotion script has not deleted this sysvol folder and subdirectories, and I do not know why.
I have only found the following, but not really sure if this is the reason why my demotion script failed to delete the sysvol folder and its contents.
========================== ========== ========== ==== DCPROMO log:
All entries fine, except for 2 errors below...
06/14/2014 00:27:01 [INFO] This machine is no longer a domain controller
06/14/2014 00:27:03 Telling DNS Server to prepare for demotion failed with 1068
06/14/2014 00:27:03 Setting security on server files failed with 2
========================== ========== ========== ====
Any help greatly appreciated on how to get a clean demotion done including deletion of the sysvol folder and its contents.
Thanks everyone.
I hope you are all well and can assist.
I am attempting to script the process of demoting a domain controller, a 2008 R2 domain controller.
I have done the following.
dcpromo.exe /unattend:DCDEMOTE_2008R2_
==========================
[DCINSTALL]
UserName=tester
UserDomain=test.net
Password=*
AdministratorPassword=abc1
RemoveApplicationPartition
IsLastDCInDomain=No
RebootOnSuccess=Yes
All looks fine....reboot and logon ...
- The NTDS service and all actice directory dependent services have been disabled
- The NTDS Settings object in AD Sites and Services is gone
- The Role of Active Directory Domain Services is still available, but disabled
- Doing a "net share" reveals that the shares sysvol and netlogon have been removed
However, the c:\windows\sysvol folder on disk:
1) has not been deleted.
2) doing a dir reveals:
Directory of c:\windows\sysvol
13/11/2013 12:12 AM <DIR> .
13/11/2013 12:12 AM <DIR> ..
13/11/2013 12:14 AM <DIR> domain
13/11/2013 12:12 AM <DIR> staging
13/11/2013 12:12 AM <DIR> staging areas
13/11/2013 12:12 AM <DIR> sysvol
And all the group policies and scripts are still there. So, the demotion script has not deleted this sysvol folder and subdirectories, and I do not know why.
I have only found the following, but not really sure if this is the reason why my demotion script failed to delete the sysvol folder and its contents.
==========================
All entries fine, except for 2 errors below...
06/14/2014 00:27:01 [INFO] This machine is no longer a domain controller
06/14/2014 00:27:03 Telling DNS Server to prepare for demotion failed with 1068
06/14/2014 00:27:03 Setting security on server files failed with 2
==========================
Any help greatly appreciated on how to get a clean demotion done including deletion of the sysvol folder and its contents.
Thanks everyone.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER