How to Rename a Server 2008 Domain
IT Problem
If you need to rename you server 2008 or server 2008 r2 domain name then this is a quite a serious task, follow the step by step guide below on changing the domain name of your windows domain.
IT Solution
Before we start there are a few prerequisites
- Enterprise Administrator permissions are required.
- The forest functional level must be at least Windows Server 2003 or 2008, and all DC’s running at least Server 2003 .
- A DNS zone for the new domain must already be in place.
- The Rendom and Gpfixup tools must be copied to a domain member workstation to perform the rename . Its best not to run this from a DC.
- Have a read of the link below for details on requirements if you’re using DFS redirection, roaming profiles, running a CA, or Exchange Server.
http://technet.microsoft.com/en-us/library/cc794869%28WS.10%29.aspx
The domain rename is performed with the Rendom tool, which is installed with Active Directory when you dcpromo a server . Once this process is started, you must ensure that no changes are made to the forest configuration or active directory until complete.
1. Run “rendom /list” to generate a state file named Domainlist.xml. This file contains the latest forest configuration.
2. Then Edit the state file, changing the <DNSname> and <NetBiosName> fields to the the name for the new domain name.
3. Run “rendom /showforest” this shows what changes will be made..
4. Run “rendom /upload” to upload the rename instructions to the configuration directory partition on the domain controller holding the domain naming operations master role. changes are then replicated to all other DC’s in the forest. Once replicated to all DC’s, the rename instructions are ready ran. You can force replication by running the “repadmin /syncall” command.
5. Run “rendom /prepare” to verify the readiness of each domain controller in the forest to carry out the rename instructions. If all is well you should recive no errors back.
6. Run “rendom /do”, this checks the readiness of all DC’s, then preforms the rename action on each dc one by one. AD will not be available at this time. Once tis is done all dc`s will reboot.
( if this domain is a server 2008 R2 domain the command is “rendom /execute” instead of “rendom /do”. Thanks to Harish Vajja for the update .
7. Run “gpfixup” to refresh all intradomain references and links to group policy objects.
8. Reboot client computers and member servers twice to obtain new domain name. Because the GUID’s of the domain remain the same during the rename process, domain membership is not affected. The DNS suffix of the client machines will also be updated assuming the default option of “Change primary DNS suffix when domain membership changes” is enabled.
9. Run “rendom /clean” to remove references of the ancient domain name from Active Directory.
10. Run “rendom /end” to unfreeze the forest configuration and allow further changes. This was frozen during the rendom /upload step.
Tags: domain
Loading ...
Harish Vajja
| #
Instructions are great. Just one correction for 2008 R2, in step 6. Run “rendom /execute” instead of “rendom /do”.
Reply
Allen White
| #
Thanks Harish for the input, ill update the article 🙂
Reply
Nsj
| #
What happen if you have member servers with exchange 2007 and sql server 2005?
Reply
Allen White
| #
Hi, the renaming of a doman that runs any version of exchange is NOT supported and will 100% break exchange. SQL will be fine 🙂
Reply
Ric Liang
| #
I’m going through the process this weekend, but only to rename the NetBIOS name of the domain. I can’t establish a trust between 2 domains with the same NetBIOS name. Hopefully after a successful RENDOM process I can establish the trust and I wont be denied by the existing GUID of the target domain
Reply
Allen White
| #
Hi Ric, good luck, although you shouldnt need it as you sound like you have the process right. Dns wil also be an issue the moment between the domains if they have the same netbios name. Let us know how it goes 🙂
Reply
B. Denns
| #
Allen
Can you clarify something for me. Are you saying that the rendom and gpfixup commands should be copied to a domain member and all
run from there ? Would you get to a command prompt and then run them from whatever folder they are in? I assume since the member is joined to a Domain it is that Domain it would call out to to get and run the information. As i normally do I try to read multiple procedures. I find that usually there is something missing no offense – your notes appear great). None of the other posts say to run from a workstation. I am just maink sure i understad right. Also, I did read that ALL members must be on line at the time of the commands, especially the rendom /clean command or even after the two reboots they will not hookup right and would need to be disjoined and rejoined to the new Domain name. Can you comment on that please?
Reply
Allen White
| #
Hi there, working on a Saturday?! NOT GOOD!
No you must run these commands on a domain controller, as once you create and then edit the XML file then run the rendom upload then ,these changes are then replicated live to additonal DC`s, so run the commands from a command prompt on a DC, FSMO holder if possible.
Yes you are correct ALL MEMBERS MUST BE ONLINE as you will of read in point 8 a REBOOT is mentioned not a boot :). This procedure is not a complex as you would imagine and has been tested succesfully numerous times and referenced on social.technet.
Its Saturday evening here in the UK and ive had a few vino`s so I hope I make sense, if not im always around, drop me an email and ill help if I can 🙂
Reply
Rahul
| #
Hii,,
I am using 2008 server and it’s forest level 2003, i want to change domain name of server but the “rendom” Command has been successfully completed and my domain name is changed but in client pc there is no change and some problem is occuring with old domain name.
just like,,in log on time the system is show old domain name and user unable to log on that pc so please suggest any idea for remove this problem.
Reply
Guillermo
| #
Hi Rahul,
A bit late but I’ve just renamed a domain and on the computer client it showed the old domain when logging in because it was the last domain used. Entering the full newdomain\user and password worked correctly.
Reply
Shoman
| #
Hi Rahul,
You need to join the client computer again to the new domain.
Regards
Reply