Yes, you can change DNS and NetBIOS names in Windows 2003. In part one, "Renaming forests: Windows Server 2003 tackles an old AD problem," SearchWin2000.com contributor Doug Paddock explains when you should and should not attempt domain or forest renaming. In this installment, he outlines the initial steps you'll need to take to perform this complicated operation.
Requirements for using the Domain Rename -- or rendom -- command make its implementation resemble a schema change operation in the sense that rendom is a powerful command that can have wide-ranging results. The command rendom /list creates an .xml document (domainlist.xml) that shows a listing of both domain and application directory partitions in your forest. A sample listing of this file is shown below for the forest "ad.local":
<?xml version ="1.0"?> <Forest> <Domain> <!-- PartitionType:Application --> <Guid>4ab37354-0259-4415-850c-f27e53abfa71</Guid> <DNSname>ForestDnsZones.ad.local</DNSname> <NetBiosName></NetBiosName> <DcName></DcName> </Domain> <Domain> <!-- PartitionType:Application --> <Guid>dae5f1c7-e212-43a7-8ea5-16cd1fc01b87</Guid> <DNSname>DomainDnsZones.ad.local</DNSname> <NetBiosName></NetBiosName> <DcName></DcName> </Domain> <Domain> <!-- ForestRoot --> <Guid>afe2d5b0-2f60-42a9-8d48-b09786417621</Guid> <DNSname>ad.local</DNSname> <NetBiosName>AD</NetBiosName> <DcName></DcName> </Domain> </Forest>
This file is generated as a text file and is edited to change the current DNS and NetBIOS names to their new names. (Warning: Do not try to change the GUID; it is fixed). Note that the DNS names to be changed are between the definitions
After you have edited your .xml file to reflect the desired changes, you can use the rendom /showforest command to reflect the new forest structure in your changed domainlist.xml file. The /showforest switch does not start any operations, nor does it change the forest structure. It is simply an aid to help you ensure that you have made the right entries in the .xml file.
Once you have created your .xml file and changed it to reflect your desired changes, you will need to upload the instructions so they can be executed on each individual DC in your forest. Executing the rendom /upload command will transfer the necessary information to the Domain Naming Master for your forest, specifically to the configuration directory partition. From here, the instructions will be replicated to every DC in the forest. As part of the rendom /upload command, the instructions will be reformatted into a unique script. This script isn't going to make any changes itself; it is just going to give the DCs instructions on how to perform various rendom commands that will be generated later.
Rendom is also going to generate a file called the state file that will track the stages of each change on each DC in the forest. This file is called DClist.xml. Rendom records four states for each DC in the state file. They are:
- Initial: DCs that can be contacted during the procedure.
- Prepared: When the rename instructions have been verified by a DC itself, the DC will be moved to the Prepared state.
- Either Done, indicating the rename procedure took place successfully, or Error, showing that a probably irrecoverable error occurred and the rename process halted.
The process continues from here, but is simply too long to document in this article. What I have offered to this point simply provides you with an idea of both the planning required and the complexity of this operation. You'll find the complete step-by-step instructions in the documentation referenced below.
Renaming a domain or forest is definitely not a routine project, and it should be instituted only in response to a far-reaching requirement, such as a major company reorganization or merger. It is a time-consuming process, and it may need to be done in separate operations that will have your forest down for a time while some of the necessary operations are performed. As another example, since your domain controllers' host names will not match the new domain DNS name automatically, you must rename your DCs if you want the host names to match.
To sum up, Domain Rename is a potentially useful tool that may be just what you are looking for if you need to reorganize your forest, but it is a resource that should be used sparingly, if at all. You can download the two tools you will need for performing the actual Domain Rename operations; they're available as Zip files ("rendom.exe" and "gpfixup.exe") on the Microsoft Web site, along with the documentation "Understanding How Domain Rename Works" and "Step-by-Step Guide to Implementing Domain Rename." http://www.microsoft.com/windowsserver2003/downloads/domainrename.mspx.) And remember: Read both articles thoroughly before attempting any type of forest or domain rename.
>> Click to go back to part one, "Renaming forests: Windows Server 2003 tackles an old AD problem"
About the author:Douglas Paddock is an IT instructor at Louisville Technical Institute in Louisville, Ky. He holds CIW Security Analyst, CIW Certified Instructor, MCSE, MCT, MCSA, A+ and N+ certifications.