Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Demote 2003 DC and remove from domain/forest

Posted on 2014-12-10
2
439 Views
Last Modified: 2014-12-15
Could someone please take a quick look at the following insights
for demoting and removing an older 2003 DC from out domain. I am
fairly certain that we are good to go, but want to make sure that
nothing breaks if possible.
We have an AD Forest (Forest functional level Windows Server 2003)
with a single domain (Domain functional level Windows Server 2003)
that contains 120 desktop/laptop objects, around 20 member servers
of different function types, o/s, etc... and 3 domain controllers that
have all been running together for several months now.
Two of the domain controllers are newer 2008 machines (2008 R2 Enterprise
and 2008 R2 Standard respectively) and the third
domain controller is an older 2003 Standard SP2 system. It is the 2003
DC that I intend to demote to a member server and then remove totally from
our AD as the hardware is old and likely to fail soon. We introduced the 2nd
2008 R2 DC a few months ago and everything has been running smoothly. In preparation
for removing the 2003 DC we have checked and/or adjusted all the aspects listed below:

- All the FSMO roles are on the two 2008 DC systems (PDC, Infra and RID on one and
Schema and Domain Role on the other)
- All three DC's are Global Catalogue servers
- The 2003 DC does not provide DHCP, WINS or DNS services as these have all been moved
to other servers several months ago
- we are not planning to raise the domain or forest level to 2008 yet
- the 2003 DC does not act as a certificate authority (we don't have one)
- it is not a bridgehead server and we have no other sites
- I do all our GPO stuff from one of the 2008 DC's
- All replications (repadmin /showrepl) between all 3 DC's were successful
and I tried it on all 3 DC systems


Will I have to manually cleanup AD using Adsiedit/Ntdsutil if we gracefully demote
the DC to a member server and then remove the server from AD?
Will it break DFS which is on our single file server?
Is there anything else that I need to do or that might be affected.
0
Comment
Question by:Laszlo Denes
2 Comments
 
LVL 33

Accepted Solution

by:
it_saige earned 500 total points
ID: 40491762
It looks as if you have all your bases covered.  Since DFS (like DNS) allows integration within AD, you don't have any concerns there since your replications are functioning normally.  I don't believe that you will have any cleanup (per se) in AD so long as you gracefully removing the 2003 server.

-saige-
0
 

Author Comment

by:Laszlo Denes
ID: 40500499
Thanks.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question