After you have got put in new area controllers there comes a second when that you must take away or higher mentioned, demote the previous area controller. Outdated area controllers can’t simply be merely turned off, they have to be correctly faraway from the area.
In some circumstances although, you won’t have entry anymore to the previous area controller. On this case, we will nonetheless demote the area controller. Solely we might want to use a unique technique for it.
On this article, I’ll clarify each strategies to demote a site controller. The steps beneath can be utilized for Home windows Server 2008r2 and newer, together with Home windows Server 2022.
Getting ready the area
Earlier than we will demote the area controller we might want to test the next factors to make sure a clean transition and keep away from any points:
- Examine replication – We have to guarantee that the replication between the previous and new area controller is working with none error. Use the command
repadmin /replsummary <new-dc-name>to test for any errors. - DHCP and DNS – If the previous area controller can also be working DHCP and DNS, guarantee that these providers are additionally transferred to the brand new area controller
- DNS on shoppers – Be certain that the DNS data on the shoppers (and different servers) are pointing to the brand new area controller. In any other case, they gained’t be capable to log in
- Create a Backup – Create a full backup of the previous area controller and confirm the backup. This fashion you possibly can all the time restore the server in case of any points
FSMO roles will likely be transferred routinely if you demote the area controller. You possibly can test the place the FSMO roles are working with the command netdom question FSMO.
Demoting an lively Area Controller
In case you nonetheless have entry to the area controller then we will simply take away the area controller utilizing the Server Supervisor. Just remember to have checked the factors above earlier than you proceed.
Time wanted: 5 minutes.
- Open the Server Supervisor and go to Handle > Take away Roles and Options
– Open the Server Supervisor (you could find it within the begin menu)
– Click on on Handle > Take away Roles and Options
- Choose the previous area controller
Within the Server Choice, guarantee that the previous area controller is chosen
- Take away the Lively Listing Area Companies
Deselect the function Lively Listing Area Companies. Within the popup click on on Take away Options
- Demote the Area Controller
You’ll get an error that the validation is failed, that is regular. To take away the options we might want to demote the area controller. Click on on Demote this area controller
- Credentials
Within the subsequent display, we will change the credentials, usually you’ll carry out these steps as area administrator and don’t want to vary the credentials.
Just remember to go away the Power the removing of this area controller Unchecked . Solely choose this if you end up deleting the final area controller within the community.
- Proceed with removing
The server might be additionally working DNS. We’re going to take away this as effectively. Just remember to have pointed your shoppers to the brand new DNS server.
Choose Proceed with removing and click on Subsequent
- Take away DNS
Within the removing choices, different providers are listed as effectively that may be eliminated. Ensure the Take away DNS delegation is chosen and click on subsequent.
- Enter New Administrator Password
We might want to enter a brand new administrator password. That is for the native administrator account on the server after it’s faraway from the area.
- Evaluate and Demote
Evaluate the settings and click on on Demote to take away the area controller. The server will restart to finish the method.
- Take away the server from the Lively Listing Websites and Companies
After the server is rebooted we might want to carry out one final step, eradicating the server from the Lively Listing Websites and Companies.
– Open the Lively Listing Websites and Companies from the beginning menu
– Broaden Websites > Default-Fist-Websites-Identify > Servers
– Proper-click on the previous area controller and select Delete
Confirm the Elimination of the Area Controller
Now the previous area controller is eliminated, we might want to guarantee that the whole lot is working easily. On the brand new area controller, open the console and run the command dcdiag. This may test the well being of your area controller and can present any errors.
When you have two or extra area controllers left, then run the command repadmin /showrepl to confirm that the replication between the remaining area controller is working with none errors.
Demote a Area Controller with PowerShell
We are able to additionally use PowerShell to demote the area controller. As an alternative of clicking by means of 9 screens, you possibly can take away the area controller with a few instructions:
# Import the ADDSDeployment module Import-Module ADDSDeployment # Demote the server Uninstall-ADDSDomainController -DemoteOperationMasterRole:$true -RemoveDnsDelegation:$true -Power:$true # Run the next command after the reboot to take away the Lively Listing Websites and Companies Uninstall-WindowsFeature AD-Area-Companies -IncludeManagementTools
Manually Take away a Area Controller
We are able to additionally manually take away a site controller. Is step is just advisable to make use of if you don’t have entry anymore to the server.
- Open Lively Listing and Companies on the lively area controller
- Open the Domain Controllers OU
- Delete the previous area controller
- Click on Sure
- Choose Delete this Area Controller anyway
- Click on on Delete
- Verify it one final time by clicking on Sure
The final step is to take away the server from the Lively Listing Websites and Companies:
- Open the Lively Listing Websites and Companies from the beginning menu
- Broaden Websites > Default-Fist-Websites-Identify > Servers
- Proper-click on the previous area controller and select Delete
If the previous area controller additionally had a DNS function, then we additionally must take away the server from the Identify Servers within the DNS Supervisor.
- Open the DNS Supervisor on the lively area controller
- Broaden Ahead Lookup Zones
- Proper-click in your area and choose properties
- Open the Identify Servers tab
- Delete the previous server from the names server
Additionally, delete the Identify Server file from the area DNS zone and any subfolder.
Wrapping Up
Demoting a site controller isn’t that tough anymore since Home windows Server 2008r2. Loads is completed on background lately routinely, like transferring the FSMO roles and cleansing up the metadata.
The advisable technique to take away the area controller is utilizing the Server Supervisor or PowerShell. Solely use the handbook technique in case you actually can’t entry the server anymore.
I hope you discovered this text helpful, in case you have any questions, simply drop a remark beneath.
