1

I've got a sub-domain controller I created a year ago, but never actually did anything with. I've had the server shutdown since then. It's time for the controller to be deleted, but I'm not sure how to get it out of the forest.

In AD Domains and Trusts it has a Parent-Child relationship with the primary DC, but I don't know how to remove it from the parent. If I can remove it from the parent, I'll just delete the VM and call it a day, I'm just not sure how to do that correctly from the parent.

The parent is DC-01 on Windows 2012, and the child I want to remove is DC-04 on Windows 2016. Not sure if it matters they're on different OS versions. I haven't messed with domains in years, and even then it was only enough to create a simple one, so any recommendations would be awesome. Thanks in advance!

Gup3rSuR4c
  • 661
  • 3
  • 14
  • 29
  • 2
    Demote the child DC. During the demotion select the option that this is the last DC in the domain. – joeqwerty Aug 03 '19 at 02:05
  • How can I go about doing that? Do I just remove the role in Server Manager? Whenever I try to run `dcpromo` it just tells me it's been relocated in Server Manager. And do I do it from the parent or the child? Thanks! – Gup3rSuR4c Aug 05 '19 at 23:09
  • You do this on the child Domain Controller, which will remove the child domain - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/demoting-domain-controllers-and-domains--level-200- – joeqwerty Aug 06 '19 at 00:25

1 Answers1

0

I tried demoting and force demoting the child-DC but because it was shut down for so long it wasn't synced up with the other DCs. Because the process of syncing it up looked ridiculous, I just deleted the VM. I then had to clean up the metadata on the other DCs and I had to use ADSI Edit to finally get it to stop giving me errors. In the end I got it cleaned up, just was a little messy.

Gup3rSuR4c
  • 661
  • 3
  • 14
  • 29