Is it possible to remove my domain controller and switch to a simpler Windows network?
I have a small network (about five client PCs running Windows 7 or 10 and a server running a stripped-down version of Small Business Server 2011).
The only relevant things our SBS server does is host a couple of shared folders and being a Domain Controller. I've disabled Exchange and all(?) the other server functions. (It still runs DNS and DHCP, but that could easily be switched over to our internet router).
Since both the hardware and software of the server are very old, I would like to shut that server down completely. However, I don't know what effect that will have on the client PCs.
Is there a documented procedure somewhere for removing ALL Domain Controllers from a network, yet still retaining file sharing? I'm mostly worried about login credentials on the client PCs and absolutely don't want to force people to switch to a new profile!
Forgive me if this is a dumb question. All my searches turned up only questions about demoting an existing DC and replacing it with another.
Thanks.
Solution 1:
Of course, you can remove all machines from the domain and then shut down the domain controller.
Without a domain controller, all machines will only use their local users. If you're sharing files you'll have to either enter credentials for the share or keep all user names and password synced on all machines. Also, group and machine policies will be local only.
If you simply shut down the DC, your domain users lose the ability to change their password, change groups, etc. Also, they'll only be able to log onto a machine that has already cached their credentials. And of course, no new machine can join the domain and no new domain users can be created. So, before you kill the DC make sure that all users are local and have the priviledges they require.
You might want to consider getting a new server with an up-to-date operating system. You can set that up as another domain controller, move over the FSMO roles and then remove the old server from the structure (and then upgrade it to a current level).
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/view-transfer-fsmo-roles