Remove active directory from this computer without updating forest metadata

30-Mar-2019 03:40 by 8 Comments


Ace Fekay, MCT, MVP, MCITP EA, Exchange 2010 Enterprise Administrator, MCTS Windows 2008, Exchange 2010 & Exchange 2007, MCSE 2003/2000, MCSA Messaging 2003

Microsoft Certified Trainer

Microsoft MVP: Directory Services

Active Directory, Exchange and Windows Infrastructure Engineer

Original Publication: 10/9/2010

Updated 12/27/2011 – added time service configuration info.

I’ve written this blog because this question has come up numerous times in the forums, newsgroups, and from colleagues.

You should now find the old DC computer object in the Computers Container. Change DNS settings to its own IP address (to itself). If no other DCs are in its own Site, choose one across the WAN with the fastest link.

Make sure Exchange 2003 is not using this DC for OAB or RUS. If Exchange 2007 or 2010, Exchange will automatically discover the change. If you are not sure how to do this or which options to choose, read the following links.

If Exchange is installed on the DC, this introduces a huge complexity and would involve moving the Exchange installation to another Exchange server first.

Removing a Domain Controller from a Domain
Updated: January 5, 2009
Applies To: Windows Server 2008, Windows Server 2008 R2

a domain controller: Active Directory
Updated Jan 21, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Keep in mind, you can’t simply unplug a DC and be done with it, such as you could do in the Windows NT4 days.

There are numerous ramifications involved with a domain controller in the AD database and AD functionality.

Other DCs will still think it’s there and will try to replicate to it because it’s still in the AD database. Now if the domain controller has been unplugged and offline for more than the tombstone lifetime (60 days for Windows 2000, Windows 2003 SP0, or 180 days for Windows 2003 SP1 and all newer operating systems), you will need to run a Metadata Cleanup to remove the DC.

This is because of the scavenging period during which AD keeps deleted objects, or objects it has not been in communication with, such as a domain controller.

There are other very well qualified blogs, posts and tech articles on these steps. I thought to outline the steps, adding links for each appropriate step to explain how to do it if one is not sure of the steps.

When a CA server is uninstalled or crashes beyond recovery, some objects are left in Active Directory. It’s good practice to remove these obsolete objects.

If you transfer the PDC Emulator FSMO role to the new DC, you will need to configure the time service on the new PDC. On your edge firewall, make sure UDP port 123 traffic is allowed inbound from the time source to the new PDC Emulator.
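The tombstone-lifetime rule described earlier can be checked before deciding whether a Metadata Cleanup is required. The PowerShell below is an added example, not from the original post; it assumes the ActiveDirectory module (RSAT) is installed, and DC01 and OLDDC are placeholder names.

```powershell
# Added example (not from the original post). Requires the ActiveDirectory module (RSAT).

function Get-TombstoneLifetimeDays {
    # Reads the forest-wide tombstoneLifetime from the configuration partition.
    $configNC = (Get-ADRootDSE).configurationNamingContext
    $dn = "CN=Directory Service,CN=Windows NT,CN=Services,$configNC"
    $value = (Get-ADObject -Identity $dn -Properties tombstoneLifetime).tombstoneLifetime
    # When the attribute is not set, the directory falls back to 60 days.
    if ($null -eq $value) { return 60 }
    return [int]$value
}

function Get-LastReplicationFrom {
    # Last successful inbound replication from $OldDc, as recorded on a healthy DC.
    param([Parameter(Mandatory)][string]$HealthyDc,
          [Parameter(Mandatory)][string]$OldDc)
    Get-ADReplicationPartnerMetadata -Target $HealthyDc |
        Where-Object { $_.Partner -like "CN=NTDS Settings,CN=$OldDc,*" } |
        Sort-Object LastReplicationSuccess -Descending |
        Select-Object -First 1 -ExpandProperty LastReplicationSuccess
}

function Test-DcPastTombstone {
    # Pure date comparison, so it can be exercised offline with constructed dates.
    param([Parameter(Mandatory)][datetime]$LastSeen,
          [Parameter(Mandatory)][int]$TombstoneDays,
          [datetime]$Now = (Get-Date))
    $daysOffline = [int][math]::Floor(($Now - $LastSeen).TotalDays)
    [pscustomobject]@{
        LastSeen      = $LastSeen
        DaysOffline   = $daysOffline
        TombstoneDays = $TombstoneDays
        PastTombstone = $daysOffline -gt $TombstoneDays
    }
}

# Constructed sample: a DC last seen 200 days before the check, 180-day lifetime.
$now = Get-Date '2011-12-27'
Test-DcPastTombstone -LastSeen $now.AddDays(-200) -TombstoneDays 180 -Now $now

# Live use (DC01 and OLDDC are placeholder names):
# $last = Get-LastReplicationFrom -HealthyDc 'DC01' -OldDc 'OLDDC'
# Test-DcPastTombstone -LastSeen $last -TombstoneDays (Get-TombstoneLifetimeDays)
```

Reading the attribute from the directory matters because the lifetime in effect depends on how the forest was created, not on the operating system the DCs run today.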