Sunday, 28 September 2014

How to rename a domain controller in Windows server 2008/R2

Understanding the concept

There are often scenarios that you need to rename your domain controllers, it can be either a primary domain controller or any of secondary controllers. This can be achieved by either through GUI or command line. However the recommended way to achieve this is through the command line using the command netdom. The netdom command updates the Service Principal Name (SPN) attributes in Active Directory Domain Services (AD DS) for the computer account. This command also registers Domain Name System (DNS) resource records for the new computer name. The SPN value of the computer account must be replicated to all domain controllers in the domain, and the DNS resource records for the new computer name must be distributed to all the authoritative DNS servers for the domain name. If the updates and registrations have not occurred before the removal of the old computer name, some clients might not be able to locate this computer using the new name or the old name. The only problem that may occur is that the corresponding nTFRSMember or msDFSR-Member object is not renamed automatically, but the reference attributes are correctly set so SYSVOL replication is not impacted. The potential problem with not renaming these objects is that if another domain controller is created at a later date with the same NetBIOS name of the old domain controller, then a conflict can occur. In order to avoid this conflict you can refer the MS article and avoid the issue that may occur in future.

Note: If you are renaming any of the secondary domain controllers please make sure that there is no replication issues between the domain controllers else you may face various issues during these steps.

Renaming the domain controller

Now let us consider that I am renaming my primary domain controller and its host name is that 'server-1' which we need to rename to 'server-001' and my domain is ''. To summarize the actions that we are going to perform, firstly we will add a secondary host name to the server which i want to rename and promote that secondary name as the primary host name of that server. Once it is done we will delete the old host name. 
1. Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator.
2.  type the following command to add the new domain controller name, and then press ENTER: The syntax is netdom computername CurrentComputerName/add:NewComputerName

<netdom computername> Manages the primary and alternate names for a computer.
<CurrentComputerName> The current, or primary, fully qualified DNS name of the computer that you are renaming.
</add:> Specifies that a new alternate DNS name should be added.
<NewComputerName> The new fully qualified DNS name for the computer that you are renaming.

In my case the command become,
netdom computername server-1 / and press ENTER. Successfully executing the command will add a new domain controller name to your computer.

3. Now the domain controller has got two names. Make that secondary name of the server as its primary name for the domain controller.
netdom computername CurrentComputerName /makeprimary:NewComputerName
i.e, netdom computername server-1 / and press ENTER.
Once the command is executed successfully you need to restart the server to make effect the changes. Please restart it and logon again.
4. If you check the domain controller's name you can observe that it's name has changed. Now you need to remove the old domain controller name. Once again open command prompt as administrator and execute the below command.
netdom computername NewComputerName /remove:OldComputerName
And here the command become, netdom computername /
So that’s it the rename process of your domain controller is completed.
Note: During the execution of any of the command above if you may receive and error 'Element not found'. In that case make sure that you have specified the NewComputerName and OldComputerName as Fully qualified domain name.

Renaming the domain controller using GUI

As described earlier you can achieve the same graphically. Renaming a domain controller in this way may result in Active Directory replication latency, making it more difficult for clients to locate or authenticate the domain controller under its new name so the recommended method to rename the domain controller is using the command netdom. Lets see how to do this,

1. Right click My computer and select properties. Click Change settings and change button from System properties window. Now you will receive the warning message as below and click OK to continue with rename operation.
2. Edit the text box under computer name and you have to click OK button to apply the changes. Restart the domain controller to take effect the changes and this completes the process. 

No comments:

Post a Comment