We've had a child DC fail on us, and can't get into Windows on it as Directory Services is failing. A restore of the backed-up active directory hasn't worked due to a corruption, and so we've decided to demote the child DC and – for now – run AD from the PDC only.
However, dcpromo /demote doesn't work from Safe Mode or Directory Services Restore Mode.
We don't want to do a complete reinstall, as we have Exchange running on the child DC.
Anyone know how (if?) we can demote the DC within safe mode or otherwise get into windows?
Thanks
Best Answer
You've got a bit of a mess there.
Microsoft recommends against demoting a Windows Server 2003 domain controller running Exchange 2003. (They describe a "...loss of some Exchange functionality..." but don't go into details.)
I'm not aware of any DCPROMO switches that will help you if you can only boot in DS Restore Mode. I think your best bet is probably the procedure in KB332199 under "If the domain controller cannot start in normal mode".
If it were me and I managed to get it running again w/ the manual regsitry modification procedure I'd setup a temporary Exchange Server machine, move the mailboxes off the source server, level and reload the source server, then reload Exchange and move the mailboxes back. I don't think I'd trust a machine that had AD "manually" removed as described in that procedure.