Share via


Demote a domain controller

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To demote a domain controller

  1. On a domain controller, click Start, and then click Run.

  2. In Open, type dcpromo to open the Active Directory Installation Wizard, and then click Next.

  3. On the Remove Active Directory page, click Next, and then continue to follow the wizard.

Caution

  • Before you complete this procedure, verify that this domain controller is not the only global catalog and that it does not hold an operations master role.

Notes

  • To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • If this domain controller is a global catalog, ensure that another global catalog is available to users before demoting it. For information about configuring domain controllers to host the global catalog, see Related Topics.

  • If this domain controller currently holds one or more operations master roles, transfer the operations master roles to another domain controller before demoting it. For information about locating operations masters and transferring operations master roles, see Related Topics.

  • If this domain controller is the last domain controller in the domain, demoting this domain controller will remove this domain from the forest. If this is the last domain in the forest, demoting this domain controller will also delete the forest. For information about removing domains and forests, see Related Topics.

  • If this domain controller holds the last replica of one or more application directory partitions, you must first remove the last application directory partition replicas from this domain controller before you can demote it. You can use the Active Directory Installation Wizard to remove all application directory partition replicas from this domain controller or you can manually remove them using the Ntdsutil command-line tool. For information about application directory partitions, see Related Topics.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Domain controllers
Enable or disable a global catalog
Operations master roles
Domains
Application directory partitions
Add or remove an application directory partition replica