26 January, 2011

Domain Rename - The Lab

Prerequisite
1. Domain: Old.com
2. Domain Controller: Win2k3-DC
3. Member Server (Control Station): Win2k3-MS
4. Client Machine: WinXP

Both the Domain Controller and the Member Server run Windows 2003, and the Client Machine runs Windows XP.




Rendom.exe is included on the Windows Server 2003 operating system CD. However, an updated version of Rendom.exe is available for download from the Microsoft Windows Server 2003 Domain Rename Tools Web site: http://technet.microsoft.com/en-us/windowsserver/bb405948.aspx






Path of Domain Rename Installation: C:\Program Files\Microsoft Domain Rename Tools
The folder contains "rendom.exe", "gpfixup.exe" and complete documentation on how to perform a domain rename.



Create a DNS ZONE with the NEW Name (New.com)










Rendom /List
- Generate Current Forest Description
- Rendom contacts the Domain Naming Master
- An XML File (DomainList.XML) is Created



Oops... We got an Err...

Let's change the mode to Windows 2003...






- An XML File (DomainList.XML) is Created when you run Rendom /List


Open the DomainList.XML file in Notepad and change the entries to the new domain name



Changes: Domain Directory Partition and Application Directory Partitions (Forest DNS and Domain DNS)
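A pre-upload check for the edit described above, as an added example (not part of the original lab or the Rendom tools): it parses the edited DomainList.XML and reports any partition that was not moved to the new name. It assumes the usual Forest/Domain layout with Guid, DNSname and NetBiosName elements; the sample file, its GUIDs and the old NetBIOS name "OLD" are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed, trimmed sample of an edited DomainList.XML (placeholder GUIDs).
# The ForestDnsZones partition was deliberately left on the old name.
SAMPLE = """<?xml version="1.0"?>
<Forest>
  <Domain>
    <!-- PartitionType:Application -->
    <Guid>00000000-0000-0000-0000-000000000001</Guid>
    <DNSname>DomainDnsZones.New.com</DNSname>
    <NetBiosName></NetBiosName>
  </Domain>
  <Domain>
    <!-- PartitionType:Application -->
    <Guid>00000000-0000-0000-0000-000000000002</Guid>
    <DNSname>ForestDnsZones.Old.com</DNSname>
    <NetBiosName></NetBiosName>
  </Domain>
  <Domain>
    <!-- ForestRoot -->
    <Guid>00000000-0000-0000-0000-000000000003</Guid>
    <DNSname>New.com</DNSname>
    <NetBiosName>NEW</NetBiosName>
  </Domain>
</Forest>
"""

def under(name, suffix):
    """True if a DNS name equals suffix or is a child of it (case-insensitive)."""
    n, s = name.strip().rstrip(".").lower(), suffix.rstrip(".").lower()
    return n == s or n.endswith("." + s)

def stale_partitions(xml_text, old_dns, new_dns, old_netbios=None):
    """Return (guid, problem) for every partition that is not fully renamed."""
    problems = []
    for dom in ET.fromstring(xml_text).iter("Domain"):
        guid = (dom.findtext("Guid") or "?").strip()
        dns = (dom.findtext("DNSname") or "").strip()
        nb = (dom.findtext("NetBiosName") or "").strip()
        if not under(dns, new_dns):
            state = "still under old domain" if under(dns, old_dns) else "outside new domain"
            problems.append((guid, "DNSname %s: %s" % (state, dns)))
        if nb and old_netbios and nb.lower() == old_netbios.lower():
            problems.append((guid, "NetBiosName unchanged: " + nb))
    return problems

if __name__ == "__main__":
    for guid, why in stale_partitions(SAMPLE, "Old.com", "New.com", "OLD"):
        print(guid, why)
```

An empty result means the domain partition and both DNS application partitions all carry the new name, so the file is consistent before Rendom /Upload is run.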










Rendom /Showforest: Display the contents of the DomainList.XML File



Rendom /Upload
- Generates the domain rename instructions and uploads them to the Domain Naming Master
- The instructions to update the forest are generated from the XML file that was edited
- The instructions are uploaded to the configuration partition on the Domain Naming Master



- It also creates a file, DCLIST.XML, that contains an entry for every domain controller in the forest




- This step writes all the changes to:
a. msDS-UpdateScript
b. msDS-DNSRootAlias







Check if the New Domain Zone is Populated in DNS...


Repadmin /Syncall /d /e /P /q
- Push Instructions To All DCs
- Pushes replication so that the domain rename instructions that were uploaded to the Domain Naming Master reach all the domain controllers
- Check that all the domain controllers have registered their records in DNS under the new domain



Rendom /Prepare
- Verify Readiness of Domain Controllers
- Causes the control station to issue an RPC to every domain controller and verify that each one is in a good state



Rendom /Execute
- Execute Domain Rename Instructions
- Issues an RPC to every Domain Controller to execute the instructions



Once you run this command, the DC reboots automatically and you can then log in to the new domain on the DC


Wow.. We now see the "New" domain name in GINA on the domain controller


And of course in the system properties of the domain controller... But wait... The domain name is "New" but the FQDN has still not changed...


In the registry, if you still see entries for the old domain, change them manually (or use a script)






Now it looks good...


Let's see the Member Server.... hmm... Same issue... The domain name is "New" but the FQDN has still not changed...


Reboot the control station twice


Done...


Rendom /End
- Unfreeze Forest Configuration
- After a domain rename, the forest configuration is in a frozen state. You cannot add any domain or create a new trust



On the client machine... Reboot the workstation twice



This one is also done...



GPFIXUP
- Fix Group Policy Objects and Links
- Repairs GPOs and Group Policy links
- Does not fix any inter-domain GPO links
- Inter-domain GPO links have to be manually broken and reconfigured



Gpfixup Command






Rendom /Clean
- Clean Up Process
- Removes all the values from msDS-DNSRootAlias and msDS-UpdateScript






*With Inputs from Yogesh Sir (yogek)