Different server name in the Default Domain Policy then I expected.

Question

I have 3 DC's; DC1,DC2,DC3 with DC3 being the newest 2022 server. DC1 is an older server running 2012 and the original DC. I intend to, but have not yet, demoted it.

Anyway, I was doing something in the Group Policy Management Editor (GPME) and noticed at the of the tree was this:

Default Domain Policy [DC1.OURDOMAIN.LOCAL]Policy.

I expected to see DC3 there as that was the server I was physically logged into. Does it matter? What will happen to GP when I remove it? Did I miss a step when I installed DC3?

Answer 1

Hi @Jim •

If I well understood your question , when you try to edit a GPO through Group Policy Management Console or Editor (GPMC), you see that the console is connected to DC1 and not DC3 where you are connected.

For your information , by default the Group Plicy Management console (or Editor) connect on the DC with PDC role.

In your case, I think the PDC role still hosted on DC1 that's why the Group Policy Management console still connected on DC1.
When you move the PDC role to another DC for example DC3, GPMC will be connected automatically to DC3

If you want demote the DC1 , you should start by:

• Move FSMO role to another domain controller
  You can use Powershell command to move FSMO role to another DC , below a example :

Move-ADDirectoryServerOperationMasterRole -Identity DC3  -OperationMasterRole SchemaMaster,DomainNamingMaster,PDCEmulator,RIDMaster,InfrastructureMaster

• Check the domain controller health and domain controller replication :
  repadmin /showrepl
  dcdiag
• If the DC1 is used as DNS resolver on others machines you should replace it by another DC or DNS server (DC3 for example) ,
• Demote DC1
• Check the domain controller health and domain controller replication :
  repadmin /showrepl

---

Please don't forget to accept helpful answer