Questions

Cannot remove DC from Domain

Tags:
+
0 Votes
Locked

Cannot remove DC from Domain

musenwaid
Hi

Im am trying to demote a domain controller but im getting the follwing error

'The Operation faile because:

A domain controller could not be contacted for the domain <domain name> that contained an account for this computer. Make the computer a member of a workgroup the rejoin the domain before retrying the promotion.

"The specified domain either does not exist or could not be contacted"'.

The server is not the last DC and i can ping the the oher DC
  • +
    0 Votes
    netwrk_admn

    Is your DNS set up correctly, did you by chance remove the DNS server from the admin tools?

    What OS are you running, any other details?

    +
    0 Votes
    Churdoo

    As netwrk said, DNS may be broken or improper, and/or replication is broken. Why are you demoting, to "fix" a problem? If so it's likely that the same problem is interfering with a clean demotion.

    Easiest thing will be to make sure DNS is working, the DNS in the TCP/IP properties should contain the IP of a DC that's staying a DC, and you should check that replication is working either by viewing the Event Viewer and by forcing a replication in AD Sites and Services.

    If you cannot get things to play well and you want to force the demotion anyway, you can use the /forceremoval switch on DCPROMO, proceed with the forced demotion, but then you'll have to do an NTDSUTIL / METADATA CLEANUP on your remaining DC(s) to remove the metadata of the old server from the active directory.

  • +
    0 Votes
    netwrk_admn

    Is your DNS set up correctly, did you by chance remove the DNS server from the admin tools?

    What OS are you running, any other details?

    +
    0 Votes
    Churdoo

    As netwrk said, DNS may be broken or improper, and/or replication is broken. Why are you demoting, to "fix" a problem? If so it's likely that the same problem is interfering with a clean demotion.

    Easiest thing will be to make sure DNS is working, the DNS in the TCP/IP properties should contain the IP of a DC that's staying a DC, and you should check that replication is working either by viewing the Event Viewer and by forcing a replication in AD Sites and Services.

    If you cannot get things to play well and you want to force the demotion anyway, you can use the /forceremoval switch on DCPROMO, proceed with the forced demotion, but then you'll have to do an NTDSUTIL / METADATA CLEANUP on your remaining DC(s) to remove the metadata of the old server from the active directory.