Re: [Samba] demoted DC's still arround

On Mon, 3 Jul 2017 07:42:58 -0500
Robert Wooden via samba <samba@xxxxxxxxxxxxxxx> wrote:

> I have been replacing some "old" hardware and have demoted two DC's
> with 'samba-tool' as per the Samba wiki demotion page.
> When running Louis' "samba-info.sh" script, that script still finds
> the presence of the old, now demoted DC hostnames. Further
> investigation thru RSAT (W10) found the demoted both DC's still
> listed under the
> ADUC>Computers (along with all the other pc's on the AD) despite their
> having been demoted. (They were, however, not listed as the active
> DC's, simply computers still included in the AD. And, I will add here
> that they have been physically turned off and still appear as part of
> the group of computers associated with the AD.)
> Also, under the RSAT >> "Active Directory Sites and Services" lists
> all four DC's, the two demoted DC's as well as the currently active
> DC's.
> Not that there appears to be any issue with the script but, the
> results prompted looking deeper.
> So, the bigger question is, demotion of a DC does not necessarily
> "completely remove" the DC from the AD site? There is a need to
> access, via RSAT, to complete the demotion?

I think the bigger question here is, where are the DCs stored in AD ?

Are they in 'OU=Domain Controllers,DC=samdom,DC=example,DC=com'

Or 'CN=Computers,DC=samdom,DC=example,DC=com'


