Demoted Server Still shows in AD Sites and Services but no NTDS settings listed. Safe to delete?

Hello,

A few years ago a 2003 DC was demoted on the site here, prior to visualization. All ran ok and the server is listed under the Computers container in AD Users and Computers,  no longer in the Domain Controllers Section.

I'm about to update our function level to 2003 Native ( moving to exchange 2010 ) and when I checked the demoted server is still showing in Active Directory Sites and Services but there are no NTDS settings listed.

I checked replmon and the demoted server is listed but cannot be added as a monitored server, our remaining servers are all replicating fine.

The server is a file server and has been working fine in this state for at least a couple of years.

I have seen posts with similar issues and the choice comes down to just right clicking and deleting the entry in Sites and Services or running metadata cleanup.

Could anyone tell me whats the best process to follow? I don't want to remove/delete the server as its in uses 24/7 but I would like to know that AD has no unusual entries before the function level change.

Thanks,

Phil
Phil AskeyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mr TorturSystem EngineerCommented:
Hi,
you can delete this in Sites and Services window.
Also in ntdsutil maybe you could have to cleanup server metadata but if you depromoted it correctly there is nothing else to do.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mr TorturSystem EngineerCommented:
But of course don't delete the server account on the domain because also it is no more a DC it is still a machine in the domain (member server).
0
Phil AskeyAuthor Commented:
Hi,

Thanks for the reply. i believe it was demoted correctly - I was not the admin that performed it. Is there anywhere else I need to check before the right click, delete?

Thanks again,

Phil
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Mr TorturSystem EngineerCommented:
I don't think so.
You can check this server is no more DC roles (as DNS server for example), that it has no more AD folders as netlogon or domain.grp.
0
Phil AskeyAuthor Commented:
Hi,

Thanks, I will check those and update you and accept the solution.

Thanks for the help,

Phil
0
Toni UranjekConsultant/TrainerCommented:
Check if you need to perform "metadata cleanup":

Clean Up Server Metadata: https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx
0
Phil AskeyAuthor Commented:
Hi Toni,

Thanks for the post, it refers to 2008 servers and we do not have any DCs running that level.

is there a similar tool for 2003?

Thanks
Phil
0
Toni UranjekConsultant/TrainerCommented:
ntdsutil works on all versions of Windows Server domain controllers.
0
Phil AskeyAuthor Commented:
Hi,

Agreed about the ntdsutil, I will look into the process of just removing the information not the computer which appears to be what the article you sent refers too.

Thanks,

Phil
0
Toni UranjekConsultant/TrainerCommented:
If server is still in use after demotion, just check the ntdsutil part of instructions.
0
Phil AskeyAuthor Commented:
Hi,

Sorry, I must be misunderstanding. The link mentions deleting the server, is it just the entry on the Sites and Services / domain controller info?  I would not want to remove it and find the server is removed completely!

thanks
phil
0
Toni UranjekConsultant/TrainerCommented:
I understand. You can safely delete server from Active Directory Sites and Services. To complete the process of deleting any references to former DC in AD you should perform "metadata cleanup".

Metadata cleanup will not remove server from domain. It will remove any references in Active Directory to former DC, if they exists.

This is exact part of the article, which describes the process:
Clean up server metadata using the command line
https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx#bkmk_commandline
0
Phil AskeyAuthor Commented:
Hi,
Ok thanks. I will delete the server by doing right click, delete from Sites and services and then look at the metadata cleanup.

Once i have done this I will report back.

Thanks to you both for the help so far!

Phil
0
Will SzymkowskiSenior Solution ArchitectCommented:
Regardless if the server was demoteed properly or removed using metadata cleanup, the computer objects in AD Sites and Services typically do not remove themselves. The NTDS settings will be gone but the computer objects will still reside.

As satated just delete right click the computer object and delete it. If there are NTDS settings assigned it will not allow you to delete this object.

Another thing that does not get cleanup up if you had to perform metadata cleanup is removing SRV records in DNS. Open DNS console > expand _msdcs.domain.com and remove any entries that you see for this domain controller.

Will.
0
Phil AskeyAuthor Commented:
Hi,
Sorry for the delay in getting back to you.
Updated the schema without deleting the entry and all worked ok.
Thanks very much for the help and again, sorry for the delay in getting back to you.
Phil
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.