Monday, July 15, 2024

Demote Windows Server 2016 Domain Controllers

Had to demote, rename, and promote them back as Windows Server 2016 Domain Controllers. Let's see how to do it.

To list FSMO Roles –

netdom query fsmo

If the domain controllers being demoted hold any FSMO roles, you can move them easily using PowerShell.

Move-ADDirectoryServerOperationMasterRole -Identity DS001 -OperationMasterRole 0,1,2,3,4
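
A pre-check for the step above, as an added example that is not part of the original post: it moves only the roles the outgoing domain controller actually holds and then confirms they landed on the target before demotion. DS003 as the source name and the Get-FsmoHolder helper are assumptions made for illustration.

```powershell
# Added example, not from the original post.
Import-Module ActiveDirectory

$Source = 'DS003'   # assumed name: the DC about to be demoted
$Target = 'DS001'   # the DC that receives the roles, as in the command above

# Hypothetical helper: role name -> current holder (FQDN), as seen by $Server.
function Get-FsmoHolder {
    param([Parameter(Mandatory)][string]$Server)
    $domain = Get-ADDomain -Server $Server
    $forest = Get-ADForest -Server $Server
    [ordered]@{
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
    }
}

$sourceFqdn = (Get-ADDomainController -Identity $Source).HostName
$targetFqdn = (Get-ADDomainController -Identity $Target).HostName

# Roles currently held by the DC that is going away.
$held = @((Get-FsmoHolder -Server $Target).GetEnumerator() |
    Where-Object { $_.Value -eq $sourceFqdn } |
    ForEach-Object { $_.Key })

if ($held.Count -eq 0) {
    Write-Output "$Source holds no FSMO roles; nothing to move."
}
else {
    Write-Output "$Source holds: $($held -join ', ')"
    Move-ADDirectoryServerOperationMasterRole -Identity $Target -OperationMasterRole $held -Confirm:$false

    # Re-read from the target and stop if any role did not land there.
    $after = Get-FsmoHolder -Server $Target
    $missing = @($held | Where-Object { $after[$_] -ne $targetFqdn })
    if ($missing.Count -gt 0) {
        throw "Not transferred to ${Target}: $($missing -join ', ')"
    }
    Write-Output "All roles confirmed on $Target; $Source can be demoted."
}
```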


Uninstall Using PowerShell –

Import-Module ADDSDeployment
Uninstall-ADDSDomainController -DemoteOperationMasterRole:$true -Force:$true


Or use the GUI, as below:

Open Server Manager and choose Remove Roles and Features.


Uncheck / Remove Active Directory Domain Services.


Click on Demote this Domain Controller


Choose Next


Check Proceed with Removal

Choose Next.


Enter the Administrator password


Start – Run – dssite.msc (Active Directory Sites and Services) – once the replication completes, delete the stale server object.


Wait for replication to finish across sites, then rename the servers and promote them back again. By default, the replication interval across sites is 180 minutes.

Optional –

Force replication across sites – (Do not run the command below in large environments, as it lists all AD objects and tries to sync them)

Get-ADObject -Filter * | Sync-ADObject -Destination DS0003

Force Topology Creation –

repadmin /kcc DS003

For Replication between domain controllers with existing replication links –

repadmin /syncall /AePdq
Satheshwaran Manoharan
https://www.azure365pro.com
