I have done a frustratingly silly thing: I added the AD DS role to a
standalone Windows Server 2008 R2 server, creating a new domain in the
process and making the server a DC. SQL Server 2008 was running on the
server at the time. I managed to get SQL Server running again, but now I
want to remove AD from the server.
When I run dcpromo, I am prompted to say whether this is the last DC in the
domain. It is the one and only DC, so I want to delete the domain, but it
warns that all user and computer accounts will be deleted.
Does this mean all Security Groups will be deleted as well? I could just
about live with users being deleted, but if I had to recreate security
groups as well it would be an absolute pain, and I imagine it would never
work properly again.