Rename AD Domain
It is sometimes necessary to change the name of an Active Directory domain. The operation is delicate, especially if Exchange or SQL servers are present. After verifying that Active Directory is in good health, the change can be performed with the rendom command, which is built into the domain controller.
Prepare the AD Domain rename
First, create a DNS zone with the new DNS name of the Active Directory domain. Then open a command prompt and run the rendom /list command. This creates the domainlist.xml file and lists the Active Directory partitions in the forest.
Open the XML file and edit it, replacing the old name of the AD domain with the new one.
Enter the rendom /showforest command to verify that the new domain name is used.
You can now execute rendom /upload. This command applies the change to the domain controllers. Replication can be forced with the command repadmin /syncall /APed.
The rendom /prepare command checks the readiness of the domain controllers. The dclist.xml file tracks their status. Check the presence of Prepared in the tag
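A readiness gate for this step, as an added example that is not part of the original page: it parses dclist.xml and reports success only when every domain controller is in the Prepared state. The element names (DcList, DC, Name, State, LastError, LastErrorMsg) are an assumption about the file layout, the function names are hypothetical, and the XML with its host names is constructed sample data.

```powershell
# Constructed sample in the assumed dclist.xml layout (not output from a real forest).
$sampleDcList = @'
<?xml version="1.0"?>
<DcList>
  <DC><Name>DC01.olddomain.priv</Name><State>Prepared</State><LastError>0</LastError><LastErrorMsg /></DC>
  <DC><Name>DC02.olddomain.priv</Name><State>Error</State><LastError>1722</LastError><LastErrorMsg>The RPC server is unavailable.</LastErrorMsg></DC>
  <DC><Name>DC03.olddomain.priv</Name><State>Initial</State><LastError>0</LastError><LastErrorMsg /></DC>
</DcList>
'@

function Get-ChildText {
    param($Node, [string]$Name)
    $child = $Node.SelectSingleNode($Name)
    if ($null -eq $child) { return '' }   # tolerate a missing element
    return $child.InnerText.Trim()
}

function Get-RendomDcState {
    param([Parameter(Mandatory)][string]$XmlText)
    $doc = [xml]$XmlText                  # throws on malformed XML
    foreach ($dc in $doc.SelectNodes('/DcList/DC')) {
        [pscustomobject]@{
            Name      = Get-ChildText $dc 'Name'
            State     = Get-ChildText $dc 'State'
            LastError = Get-ChildText $dc 'LastError'
            Message   = Get-ChildText $dc 'LastErrorMsg'
        }
    }
}

function Test-RendomPrepared {
    param([Parameter(Mandatory)][string]$XmlText)
    $all = @(Get-RendomDcState -XmlText $XmlText)
    if ($all.Count -eq 0) { throw 'No <DC> entries found: not a dclist.xml?' }
    # Anything other than Prepared (Initial, Error, empty) blocks the rename.
    $blocked = @($all | Where-Object { $_.State -ne 'Prepared' })
    foreach ($dc in $blocked) {
        Write-Warning ("{0}: state '{1}', last error {2} {3}" -f $dc.Name, $dc.State, $dc.LastError, $dc.Message)
    }
    return ($blocked.Count -eq 0)
}

# On a real run: Test-RendomPrepared -XmlText (Get-Content -Raw .\dclist.xml)
if (Test-RendomPrepared -XmlText $sampleDcList) {
    'All domain controllers report Prepared.'
} else {
    'At least one domain controller is not Prepared; do not continue with the rename.'
}
```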
Finish and clean
The DNS suffix can now be changed with the netdom command.
Execute the command netdom computername Nom.NomAncienDomaine.priv /add:Nom.NomNouveauDomain.priv to add the new DNS suffix.
The new DNS suffix must be made primary; to do so, execute netdom computername Nom.NomAncienDomaine.priv /makeprimary Nom.NomNouveauDomain.priv
After restarting the server, the old DNS suffix can be removed. To do this, run the command netdom computername Nom.NomNouveauDomain.priv /remove:Nom.NomAncienDomaine.priv
Restart the server a second time. Before finalizing the rename, repair the GPMC links (GPOs) in Active Directory. Run gpfixup /olddns:OldName.priv /newdns:NewName.priv /dc:DCNAME
Before performing the next operation, make sure that all desktops and servers have picked up the update; any that have not will have to be rejoined to the domain. If your network includes a PKI (certificate authority), it is better to delete and then reinstall it, because it is closely tied to the server names and the DNS suffix.
If all computers and servers have picked up the new name, execute the rendom /clean command.
This command removes the migration forwarders from the old domain to the new one (“msDS-DnsRootAlias” and “msDS-UpdateScript”) that are recorded in Active Directory.
After this, monitor the event logs, and also remove the DHCP authorization and add it again. The old domain name may still be present in some GPOs, in which case you need to modify the name there.
It is now possible to delete the old DNS zone.