Error Demoting Domain Controller
- 
 Ah well then it looks like adsiedit for you then. 
- 
 @momurda First time. Good learning experience for me  
- 
 @wirestyle22 said in Error Demoting Domain Controller: @momurda First time. Good learning experience for me  Don't break AD! 
- 
 Yes be careful. First and easiest place to look is under the Domain Controllers section in adsi edit 
 You can also use
 dsquery to find the location and use adsiedit to view and delete the erroneous entry.
- 
 @momurda This domain controller I'm looking for no longer exists though. It's just in event viewer. The domain controllers listed in adsi edit are correct. 
- 
 You might also get interesting results using 
 netdom query fsmo /domain:forest
 netdom query fsmo /domain:child1
 netdom query fsmo /domain:child2
 from different DCs
- 
 @wirestyle22 
 It might not exist 'for real' anymore but your AD thinks it does, somewhere.
 You have to find the reference to it within the depths of AD and get rid of it.
- 
 @wirestyle22 said in Error Demoting Domain Controller: @Dashrender found this: http://khellman.blogspot.com/2014/02/ad-ds-operation-failed-dcpromo-error.html Using this link, Wire and I did find that his Domain did have a left over Forest based entry in ADSI edit for the DC that no longer exists. Now trying to find the best way to resolve the problem. It's likely the DC was removed without running through DCPromo. It's likely that ADSI edit Metadata cleanup will be needed. 
- 
 Update: Within ASDI Edit we connected to: 
 DC=ForestDNSZone,DC=subdomain,DC=rootdomain,DC=comCN=Infrastructure(Text File) listsfSMORoleOwnerin the Attribute Editor. The value showed a lot of garbled code instead of clean names, etc. A part of it was referencing the Domain Controller that hasn't been in production for a long time.
- 
 I logged into a domain controller on the root domain using enterprise admin credentials and was able to edit fSMORoleOwnerin the Attribute Editor. I then attempted to demote the Domain Controller again and got past the initial error, but it then gave me an access denied error. I had already gone into sites and services to disable the deleted protection so I spent a long time trying to figure out why this was occurring. It simply had not replicated to the DC yet.Domain Controller successfully demoted. Big shoutouts to @Dashrender for going completely out of his way to help me resolve this issue. Can't thank you enough man. 
- 
 @wirestyle22 said in Error Demoting Domain Controller: ForestDNSZone I'm trying to do this now and my ADSI edit doesn't show the ForestDNSZone. Assuming my TLD/Domain was contoso.com, I should be plugging in this, right? No worky... Not sure why. 
  
- 
 @Grey said in Error Demoting Domain Controller: @wirestyle22 said in Error Demoting Domain Controller: ForestDNSZone I'm trying to do this now and my ADSI edit doesn't show the ForestDNSZone. Assuming my TLD/Domain was contoso.com, I should be plugging in this, right? No worky... Not sure why. 
  Are you working on a single domain or one root domain with multiple subdomains? 
- 
 @wirestyle22 said in Error Demoting Domain Controller: @Grey said in Error Demoting Domain Controller: @wirestyle22 said in Error Demoting Domain Controller: ForestDNSZone I'm trying to do this now and my ADSI edit doesn't show the ForestDNSZone. Assuming my TLD/Domain was contoso.com, I should be plugging in this, right? No worky... Not sure why. 
  Are you working on a single domain or one root domain with multiple subdomains? Single root. No subdomains. 
- 
 @Grey said in Error Demoting Domain Controller: @wirestyle22 said in Error Demoting Domain Controller: @Grey said in Error Demoting Domain Controller: @wirestyle22 said in Error Demoting Domain Controller: ForestDNSZone I'm trying to do this now and my ADSI edit doesn't show the ForestDNSZone. Assuming my TLD/Domain was contoso.com, I should be plugging in this, right? No worky... Not sure why. 
  Are you working on a single domain or one root domain with multiple subdomains? Single root. No subdomains. Your screenshot looks right to me. What does it say when you click OK 
- 
 @wirestyle22 said in Error Demoting Domain Controller: @Grey said in Error Demoting Domain Controller: @wirestyle22 said in Error Demoting Domain Controller: @Grey said in Error Demoting Domain Controller: @wirestyle22 said in Error Demoting Domain Controller: ForestDNSZone I'm trying to do this now and my ADSI edit doesn't show the ForestDNSZone. Assuming my TLD/Domain was contoso.com, I should be plugging in this, right? No worky... Not sure why. 
  Are you working on a single domain or one root domain with multiple subdomains? Single root. No subdomains. Your screenshot looks right to me. What does it say when you click OK  
- 
 This post is deleted!
- 
 Do you see any DC's listed in the computer dropdown shown below? Might need to manually select a server. It should be able to see itself.  
- 
 @wirestyle22 said in Error Demoting Domain Controller: Do you see any DC's listed in the computer dropdown shown below? Might need to manually select a server. It should be able to see itself.  Yup. Oddly, not all of them. Out of 1 RODC and 5 DCs, only 2 show in the dropdown. 
- 
 @Grey You don't even want to know what my network looks like. It's held together by bubblegum 
- 
 @wirestyle22 said in Error Demoting Domain Controller: @Grey You don't even want to know what my network looks like. It's held together by bubblegum You don't even have duct tape? It's time for an upgrade! 




