?
Solved

demoting Windows 2003 Domain Controller checklist

Posted on 2015-02-12
3
Medium Priority
?
172 Views
Last Modified: 2015-02-24
Hello,
Does anyone has a checklist for demoting 2003 Domain controllers?

Thank you so much.
0
Comment
Question by:creative555
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 668 total points
ID: 40606356
check that no clients are using it for dns or dhcp and it doesn't hold any fsmo roles
turn it off for a few days; if no issues then bring it online and demote
0
 
LVL 6

Assisted Solution

by:rgorman
rgorman earned 668 total points
ID: 40606370
There is probably a checklist online somewhere but really all I would do is make sure it is not an operations master role holder for PDC Emulator, RID master, infrastructure master, schema master, domain naming master (if it is, transfer the roles to another server), then dcpromo your 2003 domain controller down, reboot, check sites and services and make sure all object references for it are gone, then if you intend to turn off the 2003 completely just go in to AD and delete the computer object.

You can then go in to DNS and make sure there are no more service records referencing the old server.

With that being said, just make sure the server is also not providing other service roles before shutting it off completely.
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 664 total points
ID: 40606424
Here the guide we used when we decommissioned our 2003 DC's.

I would highly advise to ensure you have migrated any mission critical roles/FSMO's to another DC.

Also then run https://technet.microsoft.com/en-gb/library/cc776854(v=ws.10).aspx 
 

Once done then follow the below.

NOTE:
During the decommissioning process, the Active Directory Installation Wizard will attempt to transfer any remaining operations master roles to other domain controllers without any user interaction. However, if a failure occurs, the wizard will continue to uninstall Active Directory and leave your domain without roles

To uninstall Active Directory

      1.
Click Start, click Run , type dcpromo and then click OK.

      2.
The Active Directory Installation Wizard appears. Click Next at the Welcome screen.

      3.
You have an option to select This server is the last domain controller in the domain. If you select this option, the wizard attempts to remove the domain from the forest. Do not select this option. Click Next.

      4.
At the Administrative Password screen, enter and confirm the password that you want to assign to the local Administrator account after Active Directory is removed. Click Next .

      5.
At the Summary screen, verify that the information is correct and then click Next to proceed with the removal.

      6.
The wizard proceeds to remove Active Directory. After it finishes, the wizard displays a completion screen. Click Finish to close the wizard.

      7.
Click Restart to restart the domain controller.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question