Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

demoting Windows 2003 Domain Controller checklist

Posted on 2015-02-12
3
141 Views
Last Modified: 2015-02-24
Hello,
Does anyone has a checklist for demoting 2003 Domain controllers?

Thank you so much.
0
Comment
Question by:creative555
3 Comments
 
LVL 34

Accepted Solution

by:
Seth Simmons earned 167 total points
ID: 40606356
check that no clients are using it for dns or dhcp and it doesn't hold any fsmo roles
turn it off for a few days; if no issues then bring it online and demote
0
 
LVL 6

Assisted Solution

by:rgorman
rgorman earned 167 total points
ID: 40606370
There is probably a checklist online somewhere but really all I would do is make sure it is not an operations master role holder for PDC Emulator, RID master, infrastructure master, schema master, domain naming master (if it is, transfer the roles to another server), then dcpromo your 2003 domain controller down, reboot, check sites and services and make sure all object references for it are gone, then if you intend to turn off the 2003 completely just go in to AD and delete the computer object.

You can then go in to DNS and make sure there are no more service records referencing the old server.

With that being said, just make sure the server is also not providing other service roles before shutting it off completely.
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 166 total points
ID: 40606424
Here the guide we used when we decommissioned our 2003 DC's.

I would highly advise to ensure you have migrated any mission critical roles/FSMO's to another DC.

Also then run https://technet.microsoft.com/en-gb/library/cc776854(v=ws.10).aspx 
 

Once done then follow the below.

NOTE:
During the decommissioning process, the Active Directory Installation Wizard will attempt to transfer any remaining operations master roles to other domain controllers without any user interaction. However, if a failure occurs, the wizard will continue to uninstall Active Directory and leave your domain without roles

To uninstall Active Directory

      1.
Click Start, click Run , type dcpromo and then click OK.

      2.
The Active Directory Installation Wizard appears. Click Next at the Welcome screen.

      3.
You have an option to select This server is the last domain controller in the domain. If you select this option, the wizard attempts to remove the domain from the forest. Do not select this option. Click Next.

      4.
At the Administrative Password screen, enter and confirm the password that you want to assign to the local Administrator account after Active Directory is removed. Click Next .

      5.
At the Summary screen, verify that the information is correct and then click Next to proceed with the removal.

      6.
The wizard proceeds to remove Active Directory. After it finishes, the wizard displays a completion screen. Click Finish to close the wizard.

      7.
Click Restart to restart the domain controller.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question