Showing two domain controller DC and GC on AD server, Need to remove old DC

0

I was abc AD server 2008 r2 with single domain controller on it and its working fine but due to issues in some roles on abc, I have create another xyz server and replicate with abc.

Now I've remove ABC server from network and changed the setting on PDC,RIP,infrastructure on xyz server.

Now On xyz server, Showing two Domain controller abc(as DC) and xyz(as GC) and getting event 1863 :This directory server has not received replication information from a number of directory servers within the configured latency interval.

I'm confuse with DC and GC ?

Goal : I need to remove abc(DC) domain controller on xyz server, If I delete this, then My AD will work? because server is working on live! So It is safe way? Suggest me?

Nullpointer

Posted 2016-07-08T07:23:39.800

Reputation: 152

Answers

0

The problem you have is that you either didn't demote the old domain controller or you did and it didnt demote cleanly.

First, make sure all FSMO roles for both the forest and domain have moved to the new DC. Do this by running the command: Netdom Query FSMO

If any roles show as being on the old server, you need to "sieze" these roles. This Microsoft Guide will show you how to sieze each of the roles.

If the server is still online, remove the AD role by doing a force demotion:

dcpromo /forceremoval

To force the removal of a 2008 Domain Controller if the old DC is no longer alive and up - you need to perform the steps in This Microsoft Guide

For completeness sake:

  1. Delete the Domain Controller from AD Users and Computers (DSA.msc) enter image description here
  2. Confirm the deletion when prompted: enter image description here
  3. Delete the machines NTDS replication settings from AD Sites and Services: enter image description here
  4. Delete the serve itself from AD Sites and Services: enter image description here

The AD Sites and Services can also be done via command line using the following commands:

ntdsutil
metadata cleanup
remove selected server <ServerName>

Fazer87

Posted 2016-07-08T07:23:39.800

Reputation: 11 177

I can't delete the AD role bcoz all client are connected with AD. Old domain controller abc is DC(Now not connected) and new xyz is GC. Simply I delete abc on site also then AD will working? and output of Netdom Query FSMO , xyz.name.com – Nullpointer – 2016-07-08T09:38:58.173

yes you can delete the AD role from the old server. If the server is not connected, it isn't serving anything so you should be able to remove the machine through ADUC and ADSS and have all the machines only talk to your new domain controller... unelss there is something in your server config you havent explained yet. – Fazer87 – 2016-07-08T09:46:59.220

Let I do with cross finger; Hope to get success.. – Nullpointer – 2016-07-08T10:54:13.033

It should be ok - if the server is not in service, removing a reference to it shouldnt make any impact. The only other place you may want to check is DNS to make sure that the new xyz server is an owner of any zones you have. – Fazer87 – 2016-07-08T11:24:58.307

Asked: 2016-07-08T07:23:39.800

Viewed: 1 021 times

Active: 2016-07-08T09:21:51.650