If you need to retire a Windows Server 2012 domain controller
from your environment—for example, to repurpose its server hardware
for some other role—you can do this using Server Manager by
performing the following steps:
-
Launch the Remove Roles And Features Wizard from the
Manage menu, and select your server from the server pool.
-
On the Remove Server Roles page, deselect the Active
Directory Domain Services check box. The Validation Results page
is displayed at this point to indicate that you must first
demote the domain controller before you can remove the AD DS
role. (See Figure 9.)
-
On the Validation Results page, click Demote This Domain
Controller to launch the AD DS Configuration Wizard.
-
On the Credentials page of this wizard, supply the
necessary credentials to perform this operation if your current
logon credentials have insufficient privileges. If previous
attempts to remove AD DS from this domain controller failed,
select the Force The Removal Of This Domain Controller check box
on this page.
-
If you are demoting the last domain controller in the
domain, make sure the Last Domain Controller In The Domain check
box is selected to confirm that you want to remove the domain
from your forest. Note that this check box is displayed only if
the server is the last domain controller in the domain.
-
On the Warnings page, make sure the Proceed With Removal
check box is selected to confirm your decision to perform the
demotion. Note that this page is not displayed if you chose to
force the removal of AD DS in the previous step.
-
On the Removal Options page, you have the option to remove
any DNS delegations created in the authoritative parent zone.
Note that you need to supply appropriate credentials to perform
this action.
-
If you are demoting the last domain controller in the
domain, you also have the options of removing the DNS zone for
the domain and also any application partitions. (See Figure 10.) By
clicking View Partitions, you can display a list of any
application partitions in AD DS.
-
On the New Administrator Password page, enter a password
for the local Administrator account for the server.
-
Complete the wizard to demote the domain controller. The
server restarts, and you can log on using the local
Administrator account and the new password you specified in the
previous step.
-
Launch the Add Roles And Features Wizard again from the
Manage menu, and select your server from the server pool.
-
On the Remove Server Roles page, deselect the Active
Directory Domain Services and DNS Server check boxes. Finish
running the wizard. When the server restarts, both the AD DS and
DNS Server roles will have been removed.
Important
Removing application partitions
When you demote the last domain controller in a domain using
Server Manager, you have the option of removing any application
partitions. At a minimum, when you do this you should see the
default DNS application partitions—for example:
-
DC=DomainDNSZones,DC=corp,DC=contoso,DC=com
-
DC=ForestDNSZones,DC=corp,DC=contoso,DC=com
If you have other server applications deployed in your
environment, you might see additional application partitions.
Before removing these partitions, make sure that your deployed
server applications will still be able to work properly, unless
you are also retiring those server applications from your
environment.
