Tuesday, February 4, 2025
Latest:
NETWORK ADMINISTRATIONSWindows server

How to Demote a Domain Controller running Windows Server 2016

Alice AUSTIN

In this video, you will learn how to demote a domain controller running Windows server 2016. These steps should also work on a servers running 2012 and up.

Video Summary
There are times when you need to remove a domain controller and you must follow the proper steps to fully remove a it from the network. In this video I will show you two options for removing a domain controller.

Option 1: Using the server manager wizard. (Microsoft Preferred option)
Option 2: Manually removing the domain controller (Use this option if the server is dead and you can no longer access it)

Both options will automatically remove the domain controller metadata if you are running server 2008 and later. If you are running server 2003 or earlier you will need to run the ntdsutil command to cleanup metadata.

FSMO roles will also get moved during the removal process. You can check the FSMO roles by running the command “netdom query FSMO”

Written version of this tutorial

How to Demote a Domain Controller (Step-by-Step Guide)

For more Active Directory tutorials and tips check out my site

Active Directory Pro – Tools & Resources for System Administrators


source

windows server

Alice AUSTIN

Alice AUSTIN is studying Cisco Systems Engineering. He has passion with both hardware and software and writes articles and reviews for many IT websites.

You May Also Like

Redirecting/Restricting DNS with pfSense

58: How to Create A PHP Contact Form | PHP Tutorial | Learn PHP Programming | HTML Contact Form

New IMAP Email Extractor 2020

10 thoughts on “How to Demote a Domain Controller running Windows Server 2016

  • What if I do have DNS delegation to allow a sub-domain to be managed by a vendor, and don't want to remove it from my other AD servers? Do I still keep that box checked, or uncheck it?

  • Thank you. I do have a question/concern. My domain is a single forrest domain that is at a functional level 2012R2. I have had a 2012R2 second DC for a while. Today, I added a 2022 DC to my environment and want to remove the second 2012R2 mentioned earlier.

    When I ran the netdom query fsmo command I noticed that all the roles are assigned to the one I want to remove. Other contributors recommend against letting DCPromo demote reassign the 5 FSMO roles but you seem to indicate it will do that as a part of its function. Should I run through the manual process of reassigning these roles or just demote this one and move on>

  • Extremely helpful & very well presented 👍
    Thx from Munich… 😉

  • Props, I discovered I am blind and missed the very obvious blue button to demote the DC.

    Thank you for your work!

  • i received this error, while demoting AD DC.

    The operation failed because:

    Active Directory Domain Services could not find another Active Directory Domain Controller to transfer the remaining data in directory partition DC=ForestDnsZones,DC=ad,DC=company-name,DC=com.

    "The specified domain either does not exist or could not be contacted."

    what is the fix for this ?

  • Yes, thank you very much it's been a while since I've had to demote a dc and your video made my life easier than expected tonight to demote my Server 2022 DC

Comments are closed.