Windows Server - domain controller demotion

Hello there,
How would I demote an AD domain controller? This is the only box that
is holding the domain.
Would it be easier if I add another box, the second controller on that
domain?
Thank you, T

  Meinolf Weber [MVP-DS] replied to Tester

Hello Tester,

If you demote the one and only DC you have no domain anymore, so you have
to go back to use local user accounts and configure them on each machine.
So if you have the need to keep the domain you have to install an additional
DC/DNS/GC and configure the domain machines to use this also as DNS server
on the NIC. Also if you really will demote the server you have to move the
5 FSMO roles to the new installed machine BEFORE demoting it.

So if you like to install a second one please give some info about the OS
version with SP/patch level in use and which OS version the second DC will
be. Then we can give you more detailed information about the needed steps.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

  Tester replied to Meinolf Weber [MVP-DS]

Hi,
My only DC is W2K3 R2sp2 and I will build a backup server with same
os, version and patch.
I do this just to make it easier to remove the domain completelly
eventually and also to be able fall back also if things go wrong.
Thank you very much, T

WinXP won't clear the DNS cache (can it be cleared manually)? Windows Server In WinXP SP3 "Network Connections", I right the wired "Local Area Connection" but always get an error. How do I clear the DNS cache? Here is the error I always get (even after rebooting): Repair Local Area Connection could not finish repairing the problem because the following action cannot be completed: Clearing the DNS cache For assistance, contact the person who manages your network. Unfortunately, I am the person the home network. How do I repair an Internet connection that will not release the dns cache? (I have a similar problem with the wireless connection which it will not release) Windows Server DNS Discussions Windows XP (1) DNSResolverCache (1) KatspianostudioXXX (1) Address.invalid (1) OFFthe (1) ISPs (1 VPN (1) DeBoynePollard (1) I did try "flushing" the dns cache but it gave a different error: Microsoft Windows XP [Version 5.1.2600] (C Corp. C: \ Documents and Settings \ kathleen> ipconfig / flushdns Windows IP Configuration Could not flush the DNS Resolver Cache: Function failed during execution. I do not know what else to check to see what is locking the DNS cache. What could be preventing the DNS cache from flushing? I found the problem was

AD & DNS Hell - HELP!!!! Windows Server Ok - here is what's going on: 1) Single Forest & Domain R2 2) LAN connects to WAN / Internet via Broadband Cablemodem. 3) No other DC or DNS Services. WINS provided by other Server. I am missing something here, or I am utterly clueless as to AD & DNS Integration. AD & DNS box: LOGOS.kcg.local Question: Shouldn't LOGOS be listed in the AD Computers list It is in DNS (192.168.2.100) Moving on. . . I am regularly receiving this error in EventViewer: Computer: LOGOS Description: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.KCG.LOCAL.' failed. These records are used by other computers to locate this network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for

2003 member server to a 2008 domain. The forest level and domain level are 2008, DNS is installed on 2 root dc's, but wins is not installed. When i try am prompted for the password, but then recieve the network path was not found. The dns servers are configured correctly and if I nslookup global, the name server is returned correctly is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration. DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller to its IP addresses are missing or contain incorrect addresses. - Domain controllers registered in DNS are not connected to the network or are not running. For information about correcting this click Help. Hello Dylan, Please post an unedited ipconfig / all from the 2003 and the DNS servers, so we can check the settings. Are firewalls in use on the machines? Best www.blakjak.demon.co.uk / mul_crss.htm Hi Meinolf, here is the info for the DNS server: Host Name . . . . . . . . . . . . : ifsmifadc01 Primary Dns Suffix . . . . . . . : ifsmifa.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS

new DC / DNS 2k8r2 x64, dns.exe faults / TrustAnchors errors Windows Server I am seeing a wealth of errors on a the first being on the other dc. . I see the following: warning: eventid 4521 The DNS server encountered error 32 attempting to load zone TrustAnchors from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can caused by high Active Directory load and may be a transient condition. error: 4001 The DNS server was unable to open zone TrustAnchors in the Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and zone. The event data is the error code. Under the application log: Faulting application name: dns.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc929 Faulting module name: dns.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc929 Exception code: 0xc0000005 Fault offset: 0x000000000001f256

as follows: ipconfig / all from Windows 7 Machines: Windows IP Configuration Host Name . . . . . . . . . . . . : PERRY3 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO / 100 VE Network Connection Physical Address. . . . . . . . . : 00-16-76-40 DUID. . . . . . . . : 00-01-00-01-13-62-AD-CD-00-16-76-40-D1-7B DNS Servers . . . . . . . . . . . : 192.168.1.3 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.{75E881DF-81AC-491C-8A2A-FA40EAE89A87}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00 Yes = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = ipconfig / all from Windows 2008 Server: Windows IP Configuration Host Name . . . . . . . . . . . . : PERRY-SVR Primary Dns Suffix . . . . . . . : perry.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : perry.local Ethernet adapter Local Area Connection 4: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : HP NC382i DP Multifunction Gigabit Server Adapter #4 Physical Address. . . . . . . . . : 18-A9-05