Need to make my client computers get Group policy update from Different Domain controllers in the Domain

Anonymous
2025-03-31T14:01:27+00:00

I have four Domain controllers running Windows Server 2022. I need to decommission one of the domain controllers, but I noticed all my client computers are getting GP updates from this domain controller.

I have set a group policy to make all my client computers get group policy updates from the PDC, but this is not solving the solution, as all client computers are still getting their group policy from the DC that needs to be decommissioned.

Please, I need suggestions on how to resolve the issue.

Windows for home | Windows 11 | Windows update

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

2 answers

  1. Siva Shankar 10,960 Reputation points
    2025-03-31T14:47:26+00:00

    Hello,

    I’m here to help you in resolving your issue.

    To ensure clients get Group Policy updates from other domain controllers before decommissioning the old DC, set the preferred DC using Group Policy or Registry, verify correct site mapping in Active Directory Sites and Services, and force clients to refresh their DC connection using gpupdate /force and nltest.

    Temporarily disable the Netlogon service on the old DC to redirect traffic, check DNS and SYSVOL replication, and remove outdated records. Monitor client behavior, and once they consistently use other DCs, safely decommission the old DC using dcpromo.

    As your question is more complex and related to Group Policy, please use the Microsoft Q&A Forum (The System Administrators and IT Pro Forum), where they can assist you better. This community forum is for casual users to help with software-related issues.

    https://learn.microsoft.com/en-us/answers/tags/

    1 person found this answer helpful.
  2. Sumit 43,786 Reputation points Volunteer Moderator
    2025-03-31T14:43:54+00:00

    Hi,

    To resolve the issue of client computers still receiving Group Policy updates from the domain controller you intend to decommission, follow these steps:

    Verify DNS Records: Check the DNS settings in your environment. Ensure that there are no stray DNS records (e.g., SRV or A records) pointing to the old domain controller. These records may cause clients to continue querying it for Group Policy updates.

    Update Group Policy Settings: Run gpresult on client machines to verify if any Group Policy settings are still referencing the old domain controller. If found, update or remove those references.

    Force GPUpdate: Use the Invoke-GPUpdate PowerShell cmdlet or Group Policy Management Console (GPMC) to remotely refresh Group Policy settings across all client computers. This ensures they receive updated policies from the preferred domain controller.

    Check DFS Settings: If Distributed File System (DFS) is configured, verify that it does not reference the old domain controller, as this could influence Group Policy behavior.

    Demote the Domain Controller: Once you confirm that no services or clients are actively using the old domain controller:

    Use Server Manager to demote it by removing the Active Directory Domain Services role.

    Ensure FSMO roles have been transferred to other domain controllers.

    Remove DNS delegation if applicable.

    Clean Up Metadata: After demotion, clean up any remaining metadata in Active Directory Sites and Services and remove references to the old domain controller from Active Directory Users and Computers.

    By following these steps, client computers should begin receiving Group Policy updates from the designated PDC, and you can safely decommission the old domain controller.

    1 person found this answer helpful.
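
The gpresult check mentioned in the answers above can be scripted. This is an added example, not code from either answer or from Microsoft: it parses `gpresult /r` output and flags any scope whose policy was applied from the DC being retired. The function name `Get-GpSourceDc`, the host names and the sample text are constructed for illustration, and the match assumes English-language gpresult output.

```powershell
# Added example: report which DC a client's last Group Policy refresh came from.
# Get-GpSourceDc, DC-OLD and the sample text are hypothetical/constructed.
function Get-GpSourceDc {
    param(
        [Parameter(Mandatory)][string[]]$GpresultLines,  # 'gpresult /r' output, one line per element
        [Parameter(Mandatory)][string]$RetiringDc        # short name or FQDN of the DC to retire
    )
    $scope = 'Unknown'
    foreach ($line in $GpresultLines) {
        # gpresult /r prints a COMPUTER SETTINGS and a USER SETTINGS section
        if     ($line -match '^\s*COMPUTER SETTINGS') { $scope = 'Computer' }
        elseif ($line -match '^\s*USER SETTINGS')     { $scope = 'User' }
        elseif ($line -match 'Group Policy was applied from:\s*(\S+)') {
            $dc = $Matches[1]
            [pscustomobject]@{
                Scope          = $scope
                AppliedFrom    = $dc
                # Compare short host names so FQDN and NetBIOS forms both match
                UsesRetiringDc = ($dc.Split('.')[0] -ieq $RetiringDc.Split('.')[0])
            }
        }
    }
}

# Constructed sample of 'gpresult /r' output (English locale assumed)
$sample = @'
COMPUTER SETTINGS
------------------
    Last time Group Policy was applied: 3/31/2025 at 9:12:04 AM
    Group Policy was applied from:      DC-OLD.example.test
    Group Policy slow link threshold:   500 kbps

USER SETTINGS
--------------
    Last time Group Policy was applied: 3/31/2025 at 9:15:40 AM
    Group Policy was applied from:      DC-02.example.test
'@ -split "`r?`n"

Get-GpSourceDc -GpresultLines $sample -RetiringDc 'DC-OLD' | Format-Table -AutoSize

# On a live client (elevated prompt so the computer scope is included):
#   Get-GpSourceDc -GpresultLines (gpresult /r) -RetiringDc 'DC-OLD'
```

Running this across clients before demotion shows whether any of them still pull policy from the DC to be retired.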