Skip to content

TechDirectArchive

Hands-on IT, Cloud, Security, Veeam & DevOps

  • Home
  • About
  • Advertise With US
  • Contact
  • Reviews
  • Toggle search form

How to demote and remove a Domain Controller on Windows Servers

Posted on 27/08/202215/10/2024 Temitope Odemo By Temitope Odemo No Comments on How to demote and remove a Domain Controller on Windows Servers
  1. Home
  2. Windows Server
  3. How to demote and remove a Domain Controller on Windows Servers
DC-2

In this article, you will learn how to demote and remove a Domain Controller on Windows Servers. According to techdirectarchive a domain controller (DC) is a server computer that responds to authentication requests. It participates in the replication and contains a complete copy of all directory information for its domain. If you want to know how to Promote a Windows server to a Domain Controller then you can read this: Active Directory: How to Setup a Domain Controller.

Sometimes you may no longer need a server to act as the domain controller that is where the demotion of a DC comes into play. In this article, I will be showing you how to decommission a domain controller through the demotion of the DC.

Here is a YouTube video on how to demote and remove a domain controller

Play

Here are some other related articles that might interest you: Active Directory: How to add a second Domain Controller to your environment, how to allow RDP access for non-administrators on a Domain Controller, and how to install and configure Active Directory Domain Services on Windows Server 2022.

How to demote and remove a Domain Controller

1: To do this, please open the Server Manager as shown below.

image-21
Server Manager

2. Click on Manage and from the drop-down select Remove Roles and Features

image-22
Server Manager Dashboard

Please see how to fix Error “Connectivity to a writable domain controller from node could not be determined because of an error: The distinguished name of the node could not be determined“.

Select the Right Server from the Server pool

3. Make your Server selection from the pool of servers if you have more than one server and click next.

image-23
Selecting Specific Server

4. On the Server Roles Page uncheck Active Directory Domain Services and click Next.

image-24
Removing Server Role

Please refer to these interesting guides: How to Query Windows BitLocker status remotely, how to fix the trust relationship between this workstation and the primary domain failed, What are screensavers? Reasons to use or not use them anymore, and how to Capture and Record your Screen in Windows 10 with Xbox Game Bar.

Remove Roles and Features

5. Immediately after you uncheck you will get a popup page to remove features that require Active Directory Domain Services.

If you want to remove the ADDS completely make sure you check to Remove management tools.

image-25
Removing Roles and Features

6. Despite the Validation results you must still click on Demote this domain controller

image-26
Demoting DC

7. On the next page you can decide to change the credentials to use to perform the demotion operation. Please do not check Force the removal of this domain controller if the current server is not the last DC in the domain.

image-27
Credentials

Please see How to add a new Domain Controller to an Existing Domain, and How to remove WDS role via the GUI and PowerShell.

DNS Removal

8. You will always receive a warning message if the current server is used for DNS. You will need to re-assign another server as DNS because the DNS role on the DC will be removed.

9. On the next page check the box Proceed with removal and click next

image-28
Getting the Warning

10. You may decide to check or uncheck Remove DNS delegation and click next. On the next page enter the new administrator password which will be the local administrator account on this server.

Removal-options
image-29
Setting New Administrator

Please refer to this similar guide: How to uninstall Microsoft SQL Server on Windows 10 and Windows Server, “Remove Office license file: How do you change the account that Office says belong to on Mac“, and how to uninstall Microsoft SQL Server on Windows 10 and Windows Server

Demote the Domain Controller

11. On the next page click the Demote button. Immediately the server will be demoted and rebooted and you can log in with the local admin password or the domain credentials if it now belongs to another domain.

Demote-DC

Next, you PC will be restarted automatically.

Restart-Server-to-rmove-DC

Also, see This computer is a domain controller: The snap-in cannot be used on a domain controller, domain accounts are managed by ADUC snap-in.

Step 2: Remove ADDS and DNS Roles

Click on Manage and select “Remove Roles and Features”. Follow the prompt and click next to remove the ADDS features as shown below.

Remove-ADDS-Roles-and-features

Remove the DNS Features

Remove-DNS-roles

Confirm removal of selected roles

Remove-selected-roles

Feature removal succeeded as shown below.

Removal-succeeded

Launch the Remove Roles and Feature wizard again to remove the DNS roles and ADDS role as shown below.

Remove-roles

I hope you found this blog post on how to demote and remove a Domain Controller on Windows Servers Interesting and helpful. In case you have any questions do not hesitate to ask in the comment section.

5/5 - (1 vote)

Thank you for reading this post. Kindly share it with others.

  • Share on X (Opens in new window) X
  • Share on Reddit (Opens in new window) Reddit
  • Share on LinkedIn (Opens in new window) LinkedIn
  • Share on Facebook (Opens in new window) Facebook
  • Share on Pinterest (Opens in new window) Pinterest
  • Share on Tumblr (Opens in new window) Tumblr
  • Share on Telegram (Opens in new window) Telegram
  • Share on WhatsApp (Opens in new window) WhatsApp
  • Share on Mastodon (Opens in new window) Mastodon
  • Share on Bluesky (Opens in new window) Bluesky
  • Share on Threads (Opens in new window) Threads
  • Share on Nextdoor (Opens in new window) Nextdoor
Windows Server Tags:Active Directory, Active Directory Domain Services, DC, Domain, Domain Controller, Microsoft Windows, Windows 10, Windows 11, Windows Server 2016

Post navigation

Previous Post: How to change the default RDP port in Windows
Next Post: Fix Hyper-V VM Stuck in Stopping State

Related Posts

  • How to configure Volume Shadow Copies VSS on Windows Server
    Volume Shadow Copies: How to configure VSS on Windows Server Windows
  • 10.0.17763.1 error
    Fix Windows 10 Setup 1809 build 10.0.17763.1 is not supported Error Windows Server
  • https   specials images.forbesimg.com imageserve 4c098735a05b4251a85e8505c91f1837 0x0
    Fix insufficient access rights to perform this operation when trying to enable Active Directory Recycle Bin Windows Server
  • PIN9 1
    How to increase Windows PIN complexity Windows
  • wmic4
    How to find User Security Identifier (SID) in Windows [Part 1] Windows
  • VMware Error Fix
    How to fix “The process cannot access the file because another process has locked a portion of the file” Virtualization

More Related Articles

How to configure Volume Shadow Copies VSS on Windows Server Volume Shadow Copies: How to configure VSS on Windows Server Windows
10.0.17763.1 error Fix Windows 10 Setup 1809 build 10.0.17763.1 is not supported Error Windows Server
https   specials images.forbesimg.com imageserve 4c098735a05b4251a85e8505c91f1837 0x0 Fix insufficient access rights to perform this operation when trying to enable Active Directory Recycle Bin Windows Server
PIN9 1 How to increase Windows PIN complexity Windows
wmic4 How to find User Security Identifier (SID) in Windows [Part 1] Windows
VMware Error Fix How to fix “The process cannot access the file because another process has locked a portion of the file” Virtualization

Leave a Reply Cancel reply

You must be logged in to post a comment.

Microsoft MVP

VEEAMLEGEND

vexpert-badge-stars-5

Virtual Background

GoogleNews

Categories

veeaam100

Veeam Vanguard

  • image 78
    Enable LDAP over SSL with a third-party Certificate such as DigiCert Windows
  • troubleshooting Active Directory Replication
    How to troubleshoot Active Directory Replication issues Network | Monitoring
  • App Locker
    Harden your Veeam Backup Server with Microsoft AppLocker Windows
  • Featured image Microsoft Whiteboard
    How to work with Microsoft Blackboard via private or commercial accounts Microsoft Exchange/Office/365
  • oracle q4 earnings are in e28094 but what does it really mean 700x425 1
    How to uninstall Oracle Database 11G or 12c Oracle/MSSQL/MySQL
  • Windows Server vNext
    What’s New? Install Windows Server 2025 on Beelink EQ12 PC Windows
  • Setup is unable to access the SQL UDP port 1434
    Setup is unable to access the SQL UDP Port 1434 on the specified SQL Server Oracle/MSSQL/MySQL
  • Screenshot 1
    Migrating SAP HANA Plugin to Veeam Backup

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,791 other subscribers
  • RSS - Posts
  • RSS - Comments
  • About
  • Authors
  • Write for us
  • Advertise with us
  • General Terms and Conditions
  • Privacy policy
  • Feedly
  • Telegram
  • Youtube
  • Facebook
  • Instagram
  • LinkedIn
  • Tumblr
  • Pinterest
  • Twitter
  • mastodon

Tags

Active Directory Azure Bitlocker Microsoft Windows PowerShell WDS Windows 10 Windows 11 Windows Deployment Services Windows Server 2016

Copyright © 2025 TechDirectArchive

Loading Comments...

You must be logged in to post a comment.