Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


The proper way to demote a server

  • Please log in to reply
2 replies to this topic

#1 uByte


  • Members
  • 243 posts
  • Gender:Male
  • Location:FL
  • Local time:03:59 AM

Posted 13 October 2014 - 02:37 PM

Here is what I got. I have a windows 2012 R2 server that I joined to a windows 2003 network. I have set the 2012 server to the operations master and now I want to demote Active Directory and remove the old 2003 server from the network. 


My question is should I remove it from the network or should I keep it connected for and AD running on it for redundancy? Do I get a huge benefit from having another AD server connected? If I do remove it from the network do I simply just go through the removing a roles wizard to remove it completely or just turn it off and unplug it? The new server is way more than enough for what I am going to use it for (a simple file/printer sharing server). I suppose I could leave it connected for backup storage of the new server (I could save the system state/files and such).


Thanks for your responses in advanced.




BC AdBot (Login to Remove)


#2 JohnnyJammer


  • Members
  • 1,122 posts
  • Gender:Male
  • Location:QLD Australia
  • Local time:05:59 PM

Posted 13 October 2014 - 06:50 PM

Yous hould be fine mate, the only advantage would be to have 2 global catalog servers or replicate the data between servers using dfsr. Seizing FSMo roles can eb a hassel but not impossible.

Demote it and make it a member and then rmove from the domain.

#3 x64


  • Members
  • 352 posts
  • Gender:Male
  • Location:London UK
  • Local time:07:59 AM

Posted 15 October 2014 - 07:13 AM

Assuming that you do not have other servers apart ftom the 2012R2 server and the 2003 server, then It's probably best to get rid of the 2003 server. It will not be supported from mid next year anyhow.. I can't think of an advantage of heeping the 2003 server in what would otherwise be a single server scenario.


In theory it is just a matter of demoting the server from being a domain controller using dcpromo. If it was ppreviously an Exchange server or a Certificate server, you will probably neeed to get rid of those roles first.


Bear in mind there are FIVE master operations roles - have you transferred them all? (extra marks for transferring schema master without reference to documentation :rolleyes: )


You would also need ot ensure that all DNS clients on your network have been repointed to the new DC's DNS before demoting the old one and removing it's DNS roles. These setting might be statically assigned on network adapters across your network or rolled out via DHCP options.


Sometimes I see fragments of the old domain controllers left in DNS after a DC demotion. Whilst cleaning these up is not rocket science, cleaning up the wrong records could be... well... embarrassing!... Ask for advice if you think some of these records remain, and you are unsure what to clean up. Additionally the delegation for the _msdcs zone from the main DNS zone may not be correcly changed automatically - it is worth tidying that up as well...



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users