How to Decommission Server 2003 Domain Controllers
==================================================

#Check Global Catalogs in the domain
nslookup gc._msdcs

#Get additional info about the Domain/Forest
Get-ADForest

#Check FSMO roles distribution
netdom query FSMO

Get-ADDomain | FT *master,PDC* -auto

#Force a Push replication and check replication status
repadmin /syncall /AeP

repadmin /replsum

#Run DCDiag DNS test - separately, in verbose mode:
dcdiag /test:DNS /v /e /f:dcdiag-DNS.log

#(Optional) Run DNSLINT utility with /ad for AD replication tests:
#Available at http://support.microsoft.com/kb/321045
#Note: Replace the IP with actual DC IP address

dnslint /ad /s 192.168.1.10 /v

#Run DCDIAG without DNS test (we add the debug switch /d for more details):
dcdiag /v /d /skip:DNS /f:dcdiag.txt

#Move FSMO roles to Server 2012 Domain Controller:
Move-ADDirectoryServerOperationMasterRole

#Reconfigure Time Service on new and old PDC emulator
w32tm /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:yes /update

Restart-Service w32time

w32tm /config /syncfromflags:domhier /reliable:no /update

net stop w32time && net start w32time

# NOTE: krbtgt account will reset its’ password after raising Domain/Forest functional level
# You MUST restart the Kerberos Key Distribution Center service on all DC’s

get-service KDC | Restart-Service

get-service KDC -ComputerName DC2-12 | Restart-Service

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::					http://www.netometer.com			       ::
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::