Sunday , August 2 2020

Demote Windows Server 2016 Domain Controllers

Had to Demote/Rename and Promote them back as Windows Server 2016 Domain Controllers. Lets see how to do it.

To list FSMO Roles –

netdom query fsmo

If they Hold It , you can move them easily using PowerShell.

Move-ADDirectoryServerOperationMasterRole -Identity DS001 -OperationMasterRole 0,1,2,3,4


Uninstall Using PowerShell –

Import-Module ADDSDeployment
Uninstall-ADDSDomainController -DemoteOperationMasterRole:$true -Force:$true


Or use GUI below ,

Open Server manager , Remove roles and features.


Uncheck / Remove Active Directory Domain Services.


Click on Demote this Domain Controller


Choose Next


Check Proceed with Removal

Choose next.


Enter the Administrator password


Start – Run –dssite.msc (Active Directory Sites and Services) – Delete the Stale Object Servers Object. once the replication completes


Waiting for the Replication to finish across sites rename and promote them back again.  By default replication interval across sites is 180 Minutes.

Optional –

Force Replication across sites  – (Do Not run below on large Environments – As it lists All ADobjects and tries to sync them)

Get-ADObject -Filter * | Sync-ADObject –Destination DS0003

Force Topology Creation –

repadmin /kcc DS003

For Replication between domain controllers with existing replication links –

repadmin /syncall /AePdq

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Replacing Send Connector Certificate

A special Rpc error occurs on server EXCH1: These certificates are tagged with following Send …

Leave a Reply

Your email address will not be published.