Today, I was trying to remove an old windows 2003 R2 DC server in our domain, when I run DCPROMO command to demote it, I received the following error message:
The operation failed because: The attempt at remote domain controller DC2016 to remove domain controller CN=DC1,CN=Servers,CN=Default-First-Name,CN=Sites….from the forest was unsuccessful. “Access is Denied”
It you ran into the same issues with me, don’t panic, you can try to follow steps to fix your issues.
- Login to Domain Controller server and open Active Directory Sites and Services.
- Right-click the Domain Controller (which you would like to demote it) and select Properties.
- Select Object and uncheck Protected object from accidental Deletion and then Click OK.
- Click Retry.
Now, it should fix the issues and demote the old Domain Controller server.
Hope you enjoy this post.
Author: Cary Sun
Cary Sun is an Principal Consultant, He has a strong background specializing in datacenter and deployment solutions, and has spent over 20 years in the planning, design, and implementation of network technologies and Management and system integration.He hold CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1997.Cary is also a Microsoft Most Valuable Professional (MVP) and Cisco Champion, He is a published author with serveral titles, include blogs on Checkyourlogs.net, author for many books. Specialties: CCIE /CCNA / MCSE / MCITP / MCTS / MCSA / Solution Expert / CCA