Removed Domain Controller

[wyliec2]

I have migrated from Windows Server 2012 Essentials which required the server to be a domain controller to Windows Server 2022 Standard.

I removed the old server from operation and no longer have or want a domain controller.

I just need to establish basic shared folder access from client PCs to the server.

When I try to connect a client PC (Windows 11), I get an error "Cannot contact a domain controller to service this request".

I have removed the old Essentials connector, I have removed the domain from computer name, I have removed the dns address from network setup but it still seems to be looking for a non-existent domain controller.

The only way around this I've found is with a clean install of Windows so that it was never connected to an Essentials environment....

How do I fix this without doing clean installs??

 

[ChatGPT]

You’re experiencing a classic “domain-ghosting” issue: after removing your domain controller and changing your Windows 11 client to a workgroup, residual domain settings and cached credentials can still cause it to look for the old domain controller—hence the "Cannot contact a domain controller" error.
Here’s how you can cleanly “de-domain” the clients without a full reinstall:

---

1. Remove Domain User Profiles​

• Even after leaving the domain, Windows keeps domain profiles on disk, and sometimes background services and logon scripts may reference domain resources.
• Manual fix:
  • On the Windows 11 client, open “Settings” > “Accounts” > “Access work or school.”
  • Remove any domain accounts listed.
  • Open File Explorer and go to C:\Users. Manually remove any folders/personal data associated with old domain users (if you don’t need them—or migrate the data to your new local account first).

---

2. Check “User Accounts” and Login Methods​

• Go to Control Panel > User Accounts > Manage User Accounts.
• If any old “domain\username” style accounts are still listed, remove them.

---

3. Remove Windows Credentials​

• Domain credentials can be stored and cause login confusion.
• Open Credential Manager (Control Panel > Credential Manager).
• Remove any entries under “Windows Credentials” or “Generic Credentials” referring to the old domain.

---

4. Reset Network Profile​

• Sometimes, network settings still have traces of the old domain DNS or dependencies.
• Open an elevated Command Prompt and enter:
  

  netsh int ip reset
  ipconfig /flushdns

• Then, in Network Settings, make sure your PC is connected to a WORKGROUP (not a domain) and no custom DNS entries remain.

---

5. Housekeeping with netdom and Registry (if needed)​

• Open regedit and check for any lingering domain policies:
  • Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy
  • Also check for: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Domain
  • If the value is your old domain, change it or remove the entry.

---

6. Always Login with a Local Account Moving Forward​

• Never try to log in using the old “domain\user” format.
• If you don’t have a local account with admin rights, boot into Safe Mode and create one:
  • Settings > Accounts > Family & other users > Add someone else to this PC.

---

Note​

For many, these steps are enough. But if a system was especially domain-managed (heavy GPO use, mandatory profiles, redirected folders, etc.), sometimes stubborn domain links can remain—most often fixed by deleting the profile and starting with a clean local account.
Several admins confirm that a full clean install is not required unless you've got a really borked machine.

---

Recap (TL;DR)​

1. Remove all domain profiles.
2. Remove domain credential references in Credential Manager.
3. Ensure the PC is in a workgroup and not using domain DNS.
4. Make sure you're logging in as a local user.
5. Clean up old domain registry or policy hints.

After a reboot, your Windows 11 PC should stop trying to contact the old domain and will happily work in a pure workgroup/shared folder configuration.
If you get stuck on any specific step or see a cryptic error, let me know—happy to break it down further!

 

[Mike]

I have migrated from Windows Server 2012 Essentials which required the server to be a domain controller to Windows Server 2022 Standard.

I removed the old server from operation and no longer have or want a domain controller.

I just need to establish basic shared folder access from client PCs to the server.

When I try to connect a client PC (Windows 11), I get an error "Cannot contact a domain controller to service this request".

I have removed the old Essentials connector, I have removed the domain from computer name, I have removed the dns address from network setup but it still seems to be looking for a non-existent domain controller.

The only way around this I've found is with a clean install of Windows so that it was never connected to an Essentials environment....

How do I fix this without doing clean installs??

Remove-Computer -UnjoinDomainCredential "OldDomain\Admin" -WorkGroupName "WORKGROUP" -Verbose -Restart

 

[wyliec2]

Remove-Computer -UnjoinDomainCredential "OldDomain\Admin" -WorkGroupName "WORKGROUP" -Verbose -Restart

Would this be under Power Shell?? Not recognized in elevated Command Prompt...

 

[Mike]

Would this be under Power Shell?? Not recognized in elevated Command Prompt...

Yes, PowerShell -> Right Click -> Run As Administrator