Learn What IT Pros Need to Know About Windows 11 - August 24th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 24th at 1 PM ET!

Demote Windows 2008 R2 Server Core domain controller

Home Forums Microsoft Networking and Management Services Active Directory Demote Windows 2008 R2 Server Core domain controller

Viewing 1 post (of 1 total)
  • Author
    Posts

  • Robert R.
    Participant
    #151170

    Environment:
    172.18.1.105 (DEVDC01) Windows 2008 R2 Server Core domain controller in virtual machine
    172.18.1.106 (DEVDC02) Windows 2008 R2 Standard Edition domain controller on physical server

    Because of the issues we have been having with trying to add a VMware vCenter server to Active Directory, we decided to stand up a physical domain controller and demote the virtual domain controller. It is Standard Edition, because Network Policy Server (formerly IAS, formerly RADIUS) won’t run on Server Core.

    I was able to transfer the FSMO roles, and migrate the DCHP server configuration to the new physical domain controller.

    When I run dcpromo /unattend:c:tempdemote.txt to demote the Server Core domain controller, I get the following message:

    Checking if Active Directory Domain Services binaries are installed…
    Active Directory Domain Services Setup

    Validating environment and parameters…

    The local administrator password does not meet the minimum password length requirement of the password policy. Supply a longer password.

    The local administrator’s password, which existed before I promoted DEVDC01 to a domain controller, does meet the Windows 2008 default password complexity requirements.

    I have disabled the password complexity requirements in the the group policy for the active directory, but have no idea how to disable the requirements for the local accounts, or even list and manage the local accounts in Server Core.

    Of course, since this is a virtual machine that no longer holds the FSMO roles, I suppose I could just shut it down and let DEVDC02 do all the work. But I’d like to do a clean and proper demotion, especially since I will probably re-create another domain controller on a physical box with the same name and IP in the near future.

    So how can I disable the password complexity requirements in Windows 2008 R2 Server Core for the local administrator account?

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.

RSVP Now

Sponsored By