How to demote a secondary domain controller 2003

How to demote a secondary domain controller 2003

click Operations Manager. Go to “Active Directory Domains and Trust” → Select your Domain and select properties. Figure 2. If FSMO roles/GC are not seized from the DC, you will get a message to transfer the roles to another DC. Sep 24, 2022 · Option 1: Demote a Domain Controller Using Server Manager. . Reg1145 wrote: Dec 29, 2010 · MS recommended best practice is for all DCs to use themselves for primary DNS. Ensure that the correct DC is selected, then click Next. This interface skips the Server Selection page. Feb 2, 2008 · The easiest thing to do is run DCPROMO again on the server that you want to demote (stop being an AD controller). Open a PowerShell Admin prompt and run the command as shown below. 0 I want to demote it to a standard server role, but keep it as the terminal server for Solomon 5. After the demotion is complete, log on to the additional Domain controller as a local Administrator. I am replacing the 2003 with a Win Server 2012 R2. However, I'd just like to point out that it's good practice to have at least two DC's in an enviorment. com ] node. 3. Type dsa. Microsoft’s recommended this method for removing a domain controller. The server will be demoted and will remain as member server. But before I do so, how do I gracefully demote this server so that I can rebuild the server with Sep 10, 2023 · Now click change to transfer the role to another DC. Follow each command with a. This is self-explanatory. Promote this server to a domain controller. Verify/Make the new system a Global Catalog. If one of the FSMO roles is found on the domain controller, you will be asked to transfer FSMO roles to another DC first. Twitter: @SifuSun Dec 5, 2023 · As long as your domain forest and functional level is 2012R2, you can join and promote a 2022 DC. If all of that is working, then it SHOULD work. In this window, you will see: Domain Functional Level: and. There's a couple ways to remove a domain controller. If the old domain controller also had a DNS role, then we also need to remove the server from the Name Servers in the DNS Manager. This is the sixth part of the ongoing video series on How to Mig Apr 17, 2024 · Demote a Domain Controller Using Server Manager. Migrate the FSMO roles to your new domain controllers. Trying to use Active Directory Domains and Trusts tool: right click the Active Directory Domains and Trusts [ dc3. Sep 10, 2023 · Step 3. Make sure DNS on DC2 shows the replicated info from DC1. It is working fine but it is actually a desktop pc very very slow. No additional configuration required with loopback IP vs. just run an IPconfig /release, then ipconfig /all and make sure the second DC is listed. Select Object and uncheck Protected object from accidental Deletion and then Click OK. Global catalog is installed. Apr 21, 2024 · Open Server Manager, click Manage and then Remove Roles and Features. My first order of business is to demote a couple of old domain controllers. samdom. In the run, type dcpromo to open the Active Directory and then click next. Power the old server up and remove it from AD before reformatting the hard drive. Click on the Manage tab and then select Remote Roles and Features. When you use this method you dont need to update and DNS settings, DHCP scopes, or DHCP relay agents. Finally, demote the old server and power it down. These two domain controllers have not synced for more than the tombstone lifetime. Jul 28, 2009 · From another domain controller, open a cmd window (START, RUN, CMD) and type the following commands EXACTLY as shown in the table below. This is a step-by-step guide for demoting an Active Directory Domain Controller, both gracefully and forced. Install the AD role which should also install DNS. example. I am currently moving RID, PCD, and Infastructure roles to a secondary 2003 server, with buckets, and buckets of bandwith. Shutdown the old DC to see if everything ok. using its own IP. To transfer the schema master role follow these steps. I have tried to direct upgrade from mounted ISO. If Certificate Services is not removed, you will get a message to remove it first. Hello Everyone Welcome to my YouTube channel ROHIT TECH Today in this video i am going to show you how demote (Domain) Active directory in Windows server 202 Duplicate your full DHCP configuration on the second DC. Jan 13, 2008 · The secondary will be kind of backup server in case the primary is down for any reason the secondary can replace until it comes up and running again. Migrate the application and server roles from the existing domain controllers. transfer the FSMO roles to the new server, then demote the old server using dcpromo again. Type metadata cleanup and press Enter. 1) Use DC02 to seize the FSMO roles (assuming they belonged to DC01 before the demotion). To do this click on start then type mmc. Feb 8, 2018 · Demoting Domain Controllers and Domains (Level 200) Learn more about: Demoting Domain Controllers and Domains. On the Prerequisite Check screen, select Install. Nov 10, 2010 · 4 Spice ups. Nov 24, 2017 · Once you decide to retire a Domain Controller, it is advised to use DC Promo to demote it which removes the NTDS Settings object. If it is then use nslookup to make sure that the DNS service is resolving URL’s. dll. May 27, 2019 · Active Directory Migration Video Series on Windows Server 2003 to Windows Server 2016 / 2019. You can follow this guide to perform metadata cleanup - https://community Feb 4, 2018 · First, open the command line or PowerShell with administrator privileges. The new DC took the default name of the Dell service tag, and I want to rename it with our company’s standard naming convention (ie: DC02). Opt to Delete this Domain Controller anyway. 7, Transfer FSMO roles to the new DC if needed. Run this command on CMD nltest /dsgetdc: [FQDN] and verify you are connected to the new domain controller. Click Yes on the following prompt. Click next and follow the wizard. If you want to verify that all DNS entries were deleted after you demoted the DC, you need to know the host name, IP address, and the objectGUID of the DC. For the rest of the screens, select Next. Apr 23, 2019 · 0. If all good set rest of clients to the new DC. but due to corrupt files and OS, I plan to rebuild. Follow the instructions Importtant a new domain must be like : xy. Winlogon Automatic Restart Sign-On (ARSO) Enables lock screen applications to be restarted and available on Windows 8. Mar 9, 2023 · Go to the Attribute Editor tab and check that the new DC name appears in the msDS-AdditionalDnsHostName attribute. My domain controller is a windows 2003 server and it has exchange server 2003 running on it. Uninstall-ADDSDomainController. Click start and the run on a domain controller. 2. Dec 9, 2011 · Promote system to a domain controller ( dcpromo) Transfer FSMO roles. Ideally I want to remove DC-DR and keep DC-PROD and then add back DC-DR because I still need a DC in the disaster recovery site. serverfault. 2) Clean the orphaned DC from active directory. Jan 11, 2010 · Objective: Trying to replace a Windows 2003 SBS domain controller with a windows server 2008 Standard Edition Domain Controller. The secondary(DC2) died and could not replicate. Power down the SBS server for good. Mar 11, 2022 · Professor Robert McMillen shows you how to perform a Metadata Cleanup on a Domain Controller on a windows server. Then, right-click the domain controller you want to remove and click Delete. May 23, 2020 · Set the clients to dynamic IP. you may also want to check the replication status of your new server using repadmin /showrepl. exe from the terminal. Not really. Where <-servername>, is the name of a working DC in the same domain. Sep 18, 2018 · I ask because when we removed 2003 DC before we were left with remains of the DCs object in the Active Directory and when we tried install another server with the same computer name and tried to promote it to become a Domain Controller it failed because the DCPROMO process will still found the old objects and therefore refuse to re-create the Nov 15, 2021 · Prepare the physical/virtual resources for the domain controller. Demoting a Domain Controller with DCPromo. Your computer will re-register itself on DNS. exe) to force demotion if a required dependency or operation fails in Windows Server 2003 or in Windows 2000 Server. Wait some time for replication to take place. Removes Roles and Features. Be sure to document exactly which domain controllers host them since we will be referencing this document later. Sep 10, 2022 · How to demote an Active Directory Domain Controller video. You can google the specifics of each step. g. Jul 6, 2023 · You can demote your domain controller using the Server Manager. msc and press Enter to open Active Directory Users and Computers. I have a main domain controller dc1 on a physical host and 2 additional domain controllers on virtual machines, dc2 and dc3. run DCPROMO on the DC in question and follow the prompts to remove it from the domain. Password for [SAMDOM\administrator]: Sep 18, 2017 · Just added a secondary DC to our domain to provide fault tolerance. The ServerManager cmdlets Uninstall-WindowsFeature and Remove-WindowsFeature prevent you from removing the AD DS role until you demote the domain controller. What I did: used ADPREP. Press Windows + R to open the Run window. 1 Spice up. I know how to demote a domain controller (done it before) but I need to do it for two physical old DCs on a much more 'important' and strictly controlled domain than that which I previously did it for. May 18, 2023 · May 18, 2023, 5:37 PM. Domain Controllers running Windows Server 2012 R2 block the creation of duplicate service principal names (SPNs) and user principal names (UPNs). Wait 24 hours. It is also a terminal server hosting Microsoft Dynamics Solomon 5. (wait a week) Demote Second Server 2003 DC. Ntdsutil. Forest Functional Level: Below each one, you will see an indication, of Windows Server 200 or Windows Servers 2003 or Oct 15, 2009 · Then you need to make sure it is not a role holder or performing any services. ) May 21, 2024 · To start the decommission process, remote on to the existing domain controller as a domain admin and run a command prompt as the administrator. Select the old domain controller. Click on next before you begin the window. May 11, 2023 · Open the Active Directory Sites and Services from the start menu. 1 devices. How to demote secondary domain controller in windows server 2008 R2. 4. This video demonstrates how to properly demote a domain controller in Windows Server 2012 R2. Dec 2, 2015 · Support NLB Solutions - https://www. Select the server you wish to demote and then click the next button. Click Retry. If the A record does not appear, run the command: ipconfig /registerdns. 8, Demote the old DC if needed. No SYSVOL rsync has been setup, and the new vm on dc3 works correctly. Click OK. Select the additional Domain controller that you want to demote and click Next. davebryant9812 (Ommer) March 26, 2010, 9:58am 2. The final step involves removing the server from Active Directory Sites and Services: Open Active Directory Sites and Services (ADDS) from the Start menu. Also migrate the time server settings to the new PDCE that you choose. So we will have 2 domain controllers running Server 2012 R2. Click on Manage > Remove Roles and Features. May 9, 2012 · Domain controllers don't demote - Windows Server Fixes the problem where domain controllers may not demote gracefully when you use the Active Directory Installation Wizard (Dcpromo. This is Microsoft’s recommended method for removing a domain controller. Sep 15, 2020 · Two week should be ok because tombstone lifetime is 60 days or more (it depend of domain controller operating system ). This allows you to remove active directory on the system without removing all it's records on the other domain controllers. com as partner server for the demotion. 3 Demoting a domain controller using the Active Directory Installation Wizard. theitguy107 (theitguy107) July 13, 2023, 4:03pm 14. Hope you enjoy this post. Removing the AD DS Role to Demote the Domain Controller. If its not it will restart every 60 minutes after a migration period (i think its 7 days) There is no way you can use a SBS2003 and SBS2008 in the same domain. It is not necessary if you are connected to the domain controller whose role you want to transfer. Other parameters can be added to Uninstall-ADDSDomainController to reflect the options that are available in the Active Directory Domain Services Configuration Wizard. In SITE-PROD let’s call it DC-PROD and in SITE-DR lets call it DC-DR. Share. Demote First Server 2003 DC. Secondary DNS should be set based on highest availability and highest access speed. I have also managed to transfer all the DC roles (operations master,schema,pdc) into the Server 2008. TPM Key Attestation. The wizard will be displayed immediately. Stop and disable the DHCP service on it. The netdom command must also register an A record for the new domain controller name in DNS. Give everything time to replicate. Jun 12, 2018 · Demote Windows Server domain controller – via dcpromo. Right-click the Domain Controller (which you would like to demote it) and select Properties. Microsoft recommends using this technique to get removal of a domain controller. Uninstall-ADDSDomainController -Credential ( Get-Credential) -ForceRemoval. Jul 14, 2016 · Otherwise, this concludes the process of removing Active Directory & DNS roles in order to retire the source server from your domain. Expand Sites > Default-First-Site-Name > Servers. Aug 22, 2022 · It can be used to automate demotion if you have additional domain controllers in your Active Directory. Type connect to server <-servername> and press Enter. Ok so DC2 is still my print server and i would like to leave it that way. Mar 28, 2024 · To force demotion of a DC, perform the following steps: From the Manage menu of Server Manager, select Remove Roles and Features. Monitor the DHCP service for availability on the first DC (e. If you use the loopback it will still work, even if you change the DC/DNS server's IP, such as in OPs scenario. Right-click the icon next to Active Directory Users and Computers, and then click Connect to Domain Controller. deanlowe2 (deanlowe2) August 7, 2015, 7:04pm 1. You can even remove it from the domain if you really want to, or just by deleting the Computer object from Active Directory forever. Open Server Manager → Remote Roles and Features → uncheck Active Directory Domain Services in the Server Roles section. In the Before You Begin section, click Next to continue. Appreciate your replay in advance. Take default choices throughout the domain controller promotion / demotion process, being sure not to indicate that this is the last domain controller in its domain (unless it really is and you're really sure you want to do that). Click Start, click Run, and then type the following command: 2. In the Server Selection, please make sure that select the server which you are demoting. You can't. Oct 9, 2013 · shouldn’t need to. Then, click the Remove Features button on the small window. Select the server. Run DCDIAG on both machines to ensure everything is replicating without errors. If you have a DC that won't restart, this i Aug 24, 2020 · Once there, click on Manage. Finally, we raise the Domain and Forest functional level. 5. If the domain controllers were not able to communicate when you demoted DC01, then you need to take the followings steps. Click Delete and confirm the action again by clicking Yes. Step 3. It's still good practice to go through the sites & services console and then the DNS zones to cleanup any leftovers and to ensure that there were no manually created site links Jul 11, 2012 · I have this domain controller which happens to be the first domain controller in the forest having schema owner and domain role owner roles. Click Demote this domain controller. Domain joined computers will get their time from a DC, the other DCs in a domain get their time from the PDCE by default. Jun 22, 2015 · Provide the New Password for the Administrator account local to the Domain Controller to access the Standalone Server after demote the Domain Controller. 1 Removing domain controller. Type in dcpromo. Then simply run dcpromo and remove it from the domain. Open up a command prompt with Administrative Privileges and navigate to the /support/adprep folder on the installation media. On the Domain Controller options screen, enter the Directory Services Restore Mode (DSRM) password and select Next. Indcate vshether this is the last domain contrôler h the domain. Next, enter or select the existing domain you want to add the secondary domain controller to. IF you are using Windows 2003 DC's, the concept of Primary and Secondary Domain Controllers no longer applies. Now I am trying to Aug 25, 2015 · 1. 2- If the domain controller is already powered off or has failed then we need to remove the remnants of old one from active directory. Force the removal of this domain controller option is used to remove the last domain controller in a domain. Select “Add a domain controller to an existing domain”. (wait a week) Promote Server 2012 R2 server to Domain Controller. Using DC1. Click next on the “Before you begin page”. xy. Feb 14, 2015 · In this Screencast , we demonstrate how to demote the last Server 2003 Domain Controller in the forest ans raise the Domain/Forest functional level. Click Start, type cmd, right click select Run as administrator. Open Server Manager. Their are a total of 5 roles you need to locate. It must hold all FSMO roles and be a global catalog server. but you should not make the Exhange server the Global Catalog server, if you must use Exchange in an AD and mail roll then use DC2 for autentication and make DC2 the Global Catalog. Schema Master Domain naming master Jun 16, 2022 · Active Directory Domains and Trusts. Figure 3. After the machine completes the process and Dec 18, 2013 · At that point, the steps I would follow would seem to be: Raise Domain Functional Level to at least Server 2008 R2. Under Server Roles, uncheck the Active Directory Domain Services role. Select Manage ->”Remove Roles and Features”. Step1: After Installing the 64 bit version installer the Role Active Directory domain controller with the Server Manager. (I know that may be a pain and not within the scope of what you have been tasked with but its no longer supported. Didnt work. Type connections and press Enter. Jul 3, 2023 · In this guide, you will learn how to demote a domain controller node in a Windows Server environment. 5, Add ADDS role and promote the new server as Domain Controller. On the Server Roles section, uncheck the Active Directory Domain Services checkbox. Selecting Force the removal of this domain controller demotes the domain controller without removing the domain controller object's metadata from Active Directory. Demote the DC: # samba-tool domain demote -Uadministrator. Prepare the AD Schema for Server 2012 R2. Leave it off for a a couple of days to ensure everything is working. — NetoMeter (@netometer) March 28, 2015. Nov 4, 2023 · There are 3 Domain Controllers in my environment, all running Windows Server 2016 Standard: Primary DC : On-prem (FSMO role) Secondary DC : On-prem; Tertiary DC : Cloud; I want to upgrade The domain environment to Windows Server 2022. Once the demoted domain controller restarts (or from one of the remaining DCs), from a PowerShell session or Windows Command Prompt, rerun the netdom query fsmo command as shown in Figure 3. dc2 has been shut down some time ago, and the machine hosting it is going to be retired soon. com !!! Jul 31, 2023 · Demote Domain Controller Using Server Manager. If at any time you need to go back to DC1, just take DC3 and give it a different IP, and give DC1 it’s old IP and reboot it. Next, click File, then Add/Remove Snap-in. 6, Repeat step1 to check AD environment health. Oct 6, 2022 · Selecting the Target Server. Expand Sites > Default-Fist-Sites-Name > Servers. Please follow the following steps to demote 2003/2008 domain controller. In the Server Selection section, select DC and click Next to continue. Run dcdiag/ repadmin and so on to make sure everything transferred. If that fails you’ll have to remove NTDS info manually using ntdsutil. I am demoting server Mar 16, 2024 · Open Server Manager -> Remote Roles and Features -> uncheck Active Directory Domain Services in the Server Roles section. It can be logged in using domain credentials. markreynolds0999 (Mark6076) November 10, 2010, 9:58am 2. Here you will see the summary of the parameter you have supplied while following through the wizard to remove the Domain Controller. Aug 22, 2012 · 2. Apr 19, 2023 · Step 2 Next, we move all FSMO roles to a Server 2012 DC, reconfigure the time service, and demote the last Server 2003 Domain Controller. In the new window, click the Remove Features button. Oct 24, 2023 · 4. 1- On the domain controller to be removed; remove the active directory domain services from Server Manager Add / Remove roles. So i had to seize all fsmo roles to the primary ( DC1) and then deleted the DC2 from Active directory users and computer, and also site and services. Primary and secondary domain controller . Then, click on Remove tools and Features. Click Next on the Before you begin screen. Do not install the DNS function!! important!! step2: Start dcpromo. Type ntdsutil and press Enter. We can now promote the server to a domain controller. Removing Active Directory converts this domain contidler lo a member server. May 7, 2019 · 14. Step 2. The Active Directory Domain Services Configuration Wizard appears. Locate the Domain Controllers folder. During these steps, we will add the new domain controller to the existing domain. poll it every hour with a script or something similar). Patch the servers with the latest Windows updates. com/NLBSolutionsIn this video I am going to show you how you can demote (decommission) Windows Server 2012 R2 Dom Feb 28, 2024 · If the target DC hosts FMSO role , move them again to this Domain controller; If you have only one domain controller in this domain , you can perform the following steps: Promote another domain controller in temporary machine; Move FSMO roles to temporary Domain controller; Demote domain controller and convert it to member server; Rename Server Nov 11, 2015 · Join DC2 to the domain. Transfer FSMO’s to new DC. 3) Promote DC01 to a domain controller. You need to demote the 2003 one and then you can introduce the 2019 DC having raised the functional level. Instructions are in the help link when you run dcpromo /forceremoval, or here Aug 31, 2016 · Right-click Active Directory Domain Services in the Roles and Features list and click Remove Role or Feature. Improve this answer. johnskiba2306 (Uncle Boop) October 9, 2013, 6:58pm 8. The promotion to domain controller went fine, and the new DC shows up properly in Active Directory under the Domain Controllers OU along with the primary DC (DC01). Press Next to continue. Promote it as a domain controller in your existing forest/domain. Yea tried that. DCPromo will demote the box gracefully and, in the process, transfer the FSMO roles to another AD controller. It can be restarted if necessary. librarian (The Librarian) December 29, 2010, 10:48am 3. Mar 26, 2019 · 2. This will begin the Active Directory Installation Wizard. The primary is a Win Server 2012 R2 and the secondary is a Win Server 2003. Jan 31, 2023 · After the installation of AD DS is completed, you can click on Close. You will be prompted to remove Active Directory. Cary Sun. During “Off hours” reboot one DC at a time and check logs for any errors (you may have to wait like 10 minutes interval). Professor Robert McMillen shows you how to demote a domain controller in Windows Server Jan 5, 2022 · On the Deployment Configuration screen, select Add a new domain to an existing forest and select Next. 0. Aug 6, 2023 · FIGURE 3. I will guide you through the steps of preparation, demotion, and checks to make afterward. This isn’t my first rodeo show, but after talking to the other sysadmin and all his worries about DNS breaking, sites and services acting up, it has me Aug 7, 2013 · Enter and confirm the password for the Local Administrator account and the demotion process runs as shown in Figure 2. Nov 8, 2023 · Choose the Demote this domain controller option. Locate all 5 FSMO roles so you know which Domain Controllers are hosting them. patreon. Several possible snags are mentioned, including DNS, FSMO role Sep 22, 2021 · In each site there is 1 domain controller. Aug 8, 2018 · So i have two AD ( DC1 & DC2) . Aug 7, 2015 · active-directory-gpo, discussion. Assign a dedicated IP address to the domain controller. 1. With the dcpromo /forceremoval command, you can demote the domain controller to the member server. Dec 28, 2015 · Make the 2012 server a Global Catalog server. Follow the instructions on the next few screens to demote the additional Domain controller. Mar 26, 2010 · How to add Additional DC for Exchange. May 17, 2023 · Demoting an additional domain controller requires Domain Admin credentials. answered Oct 15, 2009 at 18:06. To force demotion of a DC, perform the following steps: From the Manage menu of Server Manager, select Remove Roles and Features. This may leave you with multiple DCs using the same secondary depending on your topology and equipment. If a DC stay offline during a period exceeded the tombstone lifetime, it will be able to replicate with others replication partners and you have to demote it using metadata cleanup , rebuild it and promote it again. And you are presented with a dialog: The domain naming operations master ensures that domain names are unique. Please give me step by step procedure to demote secondary domain controller in windows server 2008 R2. Please click on next. How To Remove Or Demote Additional Domain Controller(ADC) In Windows Server 2019. Mount the Server 2012 R2 installation disk on one of your Domain Controllers. Remove Windows 2003 AD Server. Click Next. Then all user accounts and OUs are successfully replicated into the 2008 server. I have a network running 2 domain controllers. If this server is a Global catalog, a warning will also appeared. Sep 8, 2021 · If things are fine after a day or several, power back on DC1 and demote it. If all is done, we could add the Windows server 2019 to existing domain. Use ntdsutil from a good domain controller to remove the problem server from active directory. Now, it should fix the issues and demote the old Domain Controller server successfully. NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. beta5955 (beta) November 10, 2010, 9:59am 3. 0rr if this is the last domain controller in the domain, it wil become a standalone Stiver. Install Windows Server 2022 Standard/Datacenter. Step 1. Step 7. You really want to get rid of the 2003 box as soon as possible. and click the icon. Replace the words inside angle brackets (<>) with the name of the server to be removed, otherwise the commands should be typed EXACTLY as shown below. In this example, I show you how to gracefully demote a domain controller from an active directory domain, and then show you how to force remove an offline domain controller from Oct 4, 2023 · 2. Nov 18, 2013 · Step 3: Locate which Domain Controller(s) have your FSMO Roles. I had initiated the promotion of this second server as a "new domain on an existing forest". On the next screen, Active Directory will pop up a warning that a Global Catalog server needs to be made available. Now it is time to select the server on which the Domain Controller will be demoted. Oct 29, 2007 · I already have a domain controller running fine but had added a second Windows 2003 server as a backup. This question is outside the scope of this site (for consumers) and to be sure you get the best answer it should be asked either on Technet (for IT Pro's) or MSDN (for Oct 26, 2010 · The SBS must be a domain controller that is installed on the root of the domain. On the Remove Server Roles screen, clear the box labeled Active Directory Domain Services, and click Next. In my world Exchange will use any DC’s that are in the AD rep roll. May 7, 2019 · Learn how to remove or demote a child domain in Windows Server 2019 with this step-by-step tutorial. In the Server Manager, click on the flag/warning icon and click Promote this server to a domain controller. In reply to Demoting domain Feb 6, 2021 · 4. Jul 7, 2009 · Open up Administrative Tools on one of your Current Domain Controllers. Right-click on the old domain controller and choose Delete. Uncheck the Remove management tools if you want to keep them. Observe clients who looking to the new server and pay attention on login times. Jul 22, 2009 · Start / Run / dcpromo. Mar 23, 2021 · Demote domain controllers checklist/gotcha's. Since 2008 R2 you can literally just right-click and delete the computer object through the AD Users & Computers console and it will do the metadata cleanup for you. I’ve joined a new company with an inherited messy active directory. Check the Event logs from the 2 DCs to see any errors. In the server manager click the yellow icon at the top and click “Promote this server to a domain controller”. Next, you need to open an MMC console. Install the AD DS role. Open a command line and run the command regsvr32 schmmgmt. Demote old system (dcpromo) Double check DNS zones & AD to make sure old system was removed. In addition, we go through the recommended Active Directory healthcheck steps and cleanup process. May 14, 2012 · On the problem server, run dcpromo /forceremoval. Due to any reason, if the demotion turns out to be unsuccessful, Active Directory will retain few objects of the DC which will cause errors. If possible, bring up the new server and make it a DC. jf wi xx lk gy fs kk xj xo ek