
Demoting a 2003 DC 2

Status
Not open for further replies.

ison67

IS-IT--Management
Sep 4, 2007
I'm demoting one of the DC's on my network. I'm running dcpromo, just got a few questions. Why does it ask me to specify an administrator's password, and is it referring to the domain or the local admin account?

It's not a GC and it doesn't hold any roles and it's not the last one...

Regards,
DJ
 
It is replacing the local admin account. Remember, when you promo the server to be a DC, the local rights are removed. Hence when you demote the server, it puts them back.
 
Demoting went well, but now I'm getting DNS errors, 4011, 4015, and 4004. I'm off to search Google, but any help would be great.

Regards,
DJ
 
If it was AD-integrated DNS, it's no longer going to work on that server, since it's no longer a DC. You need to either remove DNS or configure it as a standalone DNS server.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
While looking up how to do that, I tried to remote in from another server and it won't let me. I went to check out the users, I'm a bit confused.. the only two users are unknown and the domain admin... The domain admin account is the one I'm logged on with, but I can't remote in with it... I can't add users either, when I try it says the computer is a domain controller and I need to use AD users and groups...and that's not an option now..

I was thinking maybe I need to reboot, but this is a server at a remote location, so I don't want to risk locking myself out... Please any info that can clear this up, would be great.


Regards,
DJ
Thanks for all the help!
 
I rebooted and now I can reach it remotely... I'll have to wait til the staff gets there tomorrow at noon. As you can tell this is the first one I've demoted.

OK, we use integrated DNS and this server was also a DNS server, how do I remove it from integrated DNS?

Thanks for all the help,
DJ

 
If I uninstall DNS from the server, will it remove it from integrated DNS on the other DC's or do I still have to go in and remove it from all the records?

Regards,
DJ
 
Just uninstall DNS and you will be fine. The integrated will still be on the other DC's. Also, make sure none of the existing DC's are pointing their DNS to that demoted server. (NIC Properties)
 
Thanks! Tek-tips is the best!

Regards,
DJ
 

When you say make sure none of the DC's are pointing their DNS to that demoted server? I don't quite follow you. Which records in DNS do I need to delete or change? There are so many under each server. Do I need to go through and delete all instances of the demoted server? It just seems like there should be an easier way..

Regards,
DJ
 
No, I am talking about the NIC manually assigned DNS server IP's when you put in the DC's static address.
 
The demoted server will not be able to handle any form of authentication requests. If you keep the zone by making it not AD integrated, you will still have those SRV records which will point to your now demoted server along with the possible others. You wouldn't want your other DC's pointing to this as it will be inaccurate, and if you are just keeping it to host a zone for something simple like a website or whatnot, you would only need the pertinent records that relate to that site's zone (www, subdomain, blah, etc..)

Clear as mud?



Cory
 
I know y'all are starting to think I've got to be crazy. But it is clear as mud.... Ok, you say uninstall DNS.... do you mean delete the server I demoted and then delete it from all the entries that list the demoted server in integrated DNS from the other servers? Or am I missing something?

Regards,
DJ
 
Just uninstall DNS in Add/Remove Programs.

Just DO IT! :)

When that's done, look in DNS on another DC and verify that there are no lingering DNS records pointing to the old server. And make sure all servers that are statically assigned IP addresses aren't configured to use the old server for DNS.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
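
The final check described above (no lingering records for the old server, no statically configured server still using it for DNS), as an added example that is not part of the original thread. It runs over constructed zone-file-style records and a constructed inventory of NIC DNS settings; the host name, the addresses and the assumption that the server stays on as a member server (so its own host record is kept) are all hypothetical.

```python
# Added illustration: every name, address and record below is constructed.
DEMOTED_HOST = "dc3.example.local."  # hypothetical FQDN of the demoted server
DEMOTED_IP = "10.0.0.13"             # hypothetical address of the demoted server

# Constructed records in "owner TTL class type rdata" form.
ZONE_TEXT = """\
_ldap._tcp.dc._msdcs.example.local. 600 IN SRV 0 100 389 dc1.example.local.
_ldap._tcp.dc._msdcs.example.local. 600 IN SRV 0 100 389 dc3.example.local.
_kerberos._tcp.example.local. 600 IN SRV 0 100 88 dc3.example.local.
_gc._tcp.example.local. 600 IN SRV 0 100 3268 dc1.example.local.
example.local. 3600 IN NS dc1.example.local.
example.local. 3600 IN NS dc3.example.local.
example.local. 600 IN A 10.0.0.13
dc3.example.local. 1200 IN A 10.0.0.13
web1.example.local. 1200 IN A 10.0.0.20
"""

# Constructed inventory: server name -> DNS servers set in its NIC properties.
STATIC_DNS = {
    "dc1": ["10.0.0.11", "10.0.0.13"],
    "dc2": ["10.0.0.12", "10.0.0.11"],
    "file1": ["10.0.0.13"],
}

def lingering_records(zone_text, host, ip):
    """Records that still advertise the demoted server as a DC or DNS server."""
    host = host.lower().rstrip(".")
    hits = []
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # skip blank, short and comment lines
        owner, rtype, rdata = fields[0], fields[3], fields[4:]
        target = rdata[-1].lower().rstrip(".")
        if rtype in ("SRV", "NS", "CNAME") and target == host:
            hits.append((owner, rtype, rdata[-1]))
        # The server's own host (A) record is legitimate for a member server;
        # any other owner resolving to its address is a leftover.
        elif rtype == "A" and rdata[0] == ip and owner.lower().rstrip(".") != host:
            hits.append((owner, rtype, rdata[0]))
    return hits

def stale_resolvers(static_dns, ip):
    """Servers whose static DNS client settings still list the demoted server."""
    return sorted(name for name, servers in static_dns.items() if ip in servers)

if __name__ == "__main__":
    for rec in lingering_records(ZONE_TEXT, DEMOTED_HOST, DEMOTED_IP):
        print("lingering record:", *rec)
    print("still using old server for DNS:", stale_resolvers(STATIC_DNS, DEMOTED_IP))
```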
 