General uninstall of domain controllers, Active directory family 13

Source: Internet
Author: User

We now have some deployment and management experience for Active Directory, and today we are going to consider a problem, if we don't need a domain controller, how should we handle it? It is not right to hit it directly, this is too violent, and the current harmonious environment is a little out of tune. The point is, if we let this domain controller disappear directly, other domain controllers are not aware of this message, and every other domain controller attempts to make AD replication with this domain controller at intervals, and the client may also send the username and password to the Non-existent domain controller for verification. If this brute-force domain controller is also taking on some operations master roles, we are even more in trouble. Therefore, when we do the domain controller uninstall, we must do the work in place, the priority to use conventional uninstall, and strive to not leave the trouble.

Some friends may say, I also want to use the normal uninstall, but sometimes is not normal uninstall, no way, had to .... We want to analyze why the domain controller does not uninstall properly? When a domain controller makes a general uninstall, the contents of the ad change, and the domain controller notifies its replication partner of the change, and the other domain controller is notified by its own replication partner. If all domain controllers are notified, they can be uninstalled correctly, and DNS records, operations master roles, AD replication topologies, and so on can be solved. Therefore, ad replication between the domain controller uninstall and the domain controller is actually two sides of a coin, and AD replication is also performed when the domain controller unloads. To see if a domain controller can be uninstalled properly, we can simply see if the domain controller and its replication partners can be ad replicated in Active Directory Sites and Services, and as long as AD replication is available, there is no problem with the basic uninstall of the domain controller.

We give an example of a normal uninstall of a domain controller, as shown in the following diagram, we are ready to uninstall the domain controller Perth in the Shanghai site. As you can see from the topology, Perth replication partners should be Firenze, so as long as AD replication can take place between Perth and Firenze, Perth should be able to uninstall the domain controllers.

Run Dcpromo on Perth, as shown in the following illustration, the Active Directory Installation Wizard appears and the wizard determines that we are ready to remove Active Directory and click "Next" to continue.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.