asked on
Cannot remove DC from Network
Hey guys,
We have a DC in one of our Hyper-V VM environments that has a lot of problems. It appears that system files have been corrupted. I ran sfc /scannow and it didn't resolve the issue. MMC snap-ins don't load and other stuff doesn't function properly.
So we went ahead and decided to create a new DC and moved all the FSMO roles to the new DC. However when I try to remove the old DC using dcpromo /forceremoval I receive the error below. I haven't really found any articles that were very helpful. If anyone can shed some light on what's going on here I'd greatly appreciate it. Thanks!
![dcpromo.PNG]()
We have a DC in one of our Hyper-V VM environments that has a lot of problems. It appears that system files have been corrupted. I ran sfc /scannow and it didn't resolve the issue. MMC snap-ins don't load and other stuff doesn't function properly.
So we went ahead and decided to create a new DC and moved all the FSMO roles to the new DC. However when I try to remove the old DC using dcpromo /forceremoval I receive the error below. I haven't really found any articles that were very helpful. If anyone can shed some light on what's going on here I'd greatly appreciate it. Thanks!
Windows Server 2008Active DirectoryWindows NetworkingHyper-VWindows OS
Last Comment
Will Szymkowski
Forest or Child domain?
Schema master?
Schema master?
As per your comments I assume that you have already moved all the FSMO roles, however if you have not moved, follow the article and move all the FSMo roles to new DC. Use Seize if graceful move is not working.
http://www.itingredients.com/what-is-fsmo-roles-flexible-single-master-operations/
If you are facing an issue while doing DCPROMO /Forceremoval then you can reinstall OS. In both the scenarios you need to perform metadata cleanup to remove all the references of old domain controller from new domain controller.
http://www.itingredients.com/what-is-fsmo-roles-flexible-single-master-operations/
If you are facing an issue while doing DCPROMO /Forceremoval then you can reinstall OS. In both the scenarios you need to perform metadata cleanup to remove all the references of old domain controller from new domain controller.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Althgouth this is done automatically it is always a good idea to use NTDSUtil to ensure that the objects were removed, Never assume.
Other things that were not mentioned are the following...
- check sites and services (if there are any objects referencing the failed DC delete them)
- make sure that you setup the new DC with an external time source (PDC)
- open DNS management and expand the _msdcs.domain.com folder and check all of the sub folders and make sure that there are no entries pointing to this DC, if there are, delete them
Also run netdom query fsmo and netdom query dc
Will.
Other things that were not mentioned are the following...
- check sites and services (if there are any objects referencing the failed DC delete them)
- make sure that you setup the new DC with an external time source (PDC)
- open DNS management and expand the _msdcs.domain.com folder and check all of the sub folders and make sure that there are no entries pointing to this DC, if there are, delete them
Also run netdom query fsmo and netdom query dc
Will.
Power off the failed DC and make sure the remaining DC is functional. Use ntdsutils on the new DC to make sure it has all the roles.
Ntdsutil can be used to seize tge roles meaning the old DC must not be put back on the network in its old state if seizure is done.
If you do seize, make sure it is done after all the data files needed have been transferred.