Domain renaming can be done using built-in tools, but be aware that it might impact your environment:
Impacts and Risks of Renaming your Domain in a Production Environment:
1: Incompatible applications
2: Users will not be able to log in
If you have Exchange (2007, 2010, 2013 or 2016), the workaround is below.
1: Renaming the domain name in an Exchange environment (versions: Exchange 2007/2010/2013/2016) is not supported by Microsoft. In a single domain it might work, but in big environments execute at your own risk.
a: Register your New Domain
b: Create a redirection so that email sent to the old address is routed to the new email address.
OK, we have discussed the impacts and risks; now let's begin renaming the domain. Domain renaming can be performed using the RENDOM utility.
What is this RENDOM UTILITY?
In previous versions, such as Windows Server 2000 and 2003, this tool had to be installed manually.
In Windows Server 2008 & 2012 there is no need to install this utility; it gets installed as part of the ADDS (Active Directory Domain Services) role when we promote the server to a Domain Controller, as shown below:
Now we will see how domain renaming is executed using the tool.
NOTE: Do not execute this tool without a backup. Also make sure you test it in your LAB before proceeding directly on your production servers.
Open your system properties
My existing domain name is Techrid.local, and we will rename it to CAPSICUM.local.
Go to DNS
Create New Zone as shown below:
A new wizard will open; click Next
Here select Primary and click Next
In the Active Directory Zone Replication Scope select second option
“To all DNS servers running on domain controller in the domain: Techrid.local” and click Next
Under Zone name, give your new domain name; in my scenario I have given Capsicum.local
Under Dynamic Update select the 1st option
“Allow only secure dynamic updates (recommended for AD)”
In the Completing Wizard confirm everything is as provided and Click Finish.
Now in DNS Manager you will see the new domain name (Capsicum.local)
Now open Command Prompt with “Run as Administrator”. In CMD type “rendom /list” and press Enter.
This will generate a file named “Domainlist.xml”, which shows the forest configuration.
Now Browse to “C:\Users\Administrator” folder to get your “Domainlist.xml”.
Now right-click the file and click Edit
After opening Domainlist.xml we will see the existing domain names.
Change the existing Domain Names to New Domain Names as shown below.
After changing save the file and close it.
Go back to CMD and run the command “rendom /ShowForest” as shown below:
As we have saved the Domainlist.xml file, it should show the new domain name and not the old domain name, as shown below:
Now run the command “rendom /Upload”
The command “rendom /Upload” uploads the rename instructions from the file to the configuration directory partition on the DC that holds the domain naming operations master role.
Now run the next command, “rendom /Prepare”.
This verifies all the domain controllers and performs the rename action on each domain.
Type “rendom /prepare” and press Enter
This will let us know how many DCs there are and how many have been contacted, as shown below.
This should contact all DCs in this environment successfully and return with NO errors before you move on to the next command.
Type next command “rendom /execute”
When you run this command, it will verify the readiness check on all DCs.
Note: There will be a service interruption while you execute the command “rendom /execute”
After “rendom /execute” completes, you will be asked to reboot your DC, as shown below:
Reboot in progress
When your server (DC) is back online, you will be asked to log in.
You will get an error.
You need to change the domain name in the login to “NewDomainName\Administrator”.
Provide the password. Click Next.
You might see an error in Event Viewer under System, as shown below:
Event ID : 1006 (Group Policy Failed)
So here you need to open CMD with “Run as Administrator”.
Now it is time to update Group Policy
Run the command “gpfixup /olddns:OldDomainName /newdns:NewDomainName” as shown below:
This will refresh all the domain references and links to Group Policy objects.
Next execute the command “gpfixup /oldnb:DC1 /newnb:Capsicum”
(“nb” refers to the NetBIOS name)
If this is successful, it should give event ID 1502
Great, we have completed the domain renaming; now it is time to clean up the entries
Run the command “rendom /clean” and press Enter.
This will remove the old domain name in AD
Run the command “rendom /end” and press Enter.
This will unfreeze the forest configuration and allow further changes.
The configuration was frozen when the command “rendom /upload” was executed.
We have completed the rename; now test with dcdiag (“Domain Diagnostics”)
Command “dcdiag /test:DNS /DNSRecordRegistration /S:DC1”
This should report no errors and show the new domain name.
Now open DNS and click the new domain name (Capsicum.local); it is listed with the IP address provided to your old domain name
Now turn on your member servers, join them to the new domain (Capsicum.local) and reboot.
After rebooting, log in with “NewDomain\Administrator”
Now go to dsa.msc (Active Directory Users & Computers) -> Under the Computers you should see your member server
Go to DNS; under Capsicum.local you can see the member servers listed
If you wish, you can delete the old domain name “Techrid.local”
Great, domain renaming is completed.
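The hand edit of Domainlist.xml in the “rendom /list” step can also be scripted, which keeps a backup and avoids missing the DomainDnsZones and ForestDnsZones entries. The PowerShell below is an added example, not part of the original post: the function name Update-DomainList, the sample XML with its GUIDs and the old NetBIOS name TECHRID are constructed for illustration, and the element names assume the Forest/Domain layout with DNSname and NetBiosName children that “rendom /list” writes.

```powershell
# Added example: rewrite Domainlist.xml for a rename and keep a .bak copy.
# Function name, sample XML, GUIDs and the NetBIOS name TECHRID are constructed.
function Update-DomainList {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$OldDns,
        [Parameter(Mandatory)][string]$NewDns,
        [string]$OldNetBios, [string]$NewNetBios
    )
    $Path = (Resolve-Path -LiteralPath $Path).Path            # .NET needs a full path
    Copy-Item -LiteralPath $Path -Destination "$Path.bak" -Force   # keep the /list output
    $xml = New-Object System.Xml.XmlDocument
    $xml.PreserveWhitespace = $true
    $xml.Load($Path)
    $changes = foreach ($d in $xml.SelectNodes('/Forest/Domain')) {
        $dns = $d.SelectSingleNode('DNSname')
        $nb  = $d.SelectSingleNode('NetBiosName')
        $old = $dns.InnerText
        # Change the domain itself or a partition below it (DomainDnsZones.<domain>),
        # never a name that merely contains the old string.
        if ($old -ieq $OldDns) { $dns.InnerText = $NewDns }
        elseif ($old.EndsWith(".$OldDns", [StringComparison]::OrdinalIgnoreCase)) {
            $dns.InnerText = $old.Substring(0, $old.Length - $OldDns.Length) + $NewDns
        }
        if ($OldNetBios -and $nb -and $nb.InnerText -ieq $OldNetBios) { $nb.InnerText = $NewNetBios }
        [pscustomobject]@{ Before = $old; After = $dns.InnerText; NetBios = $nb.InnerText }
    }
    $xml.Save($Path)
    $changes          # one row per <Domain> entry, for review before "rendom /ShowForest"
}

# Constructed sample in the shape of a single-domain forest's Domainlist.xml
$sample = @'
<?xml version="1.0"?>
<Forest>
  <Domain><Guid>11111111-1111-1111-1111-111111111111</Guid><DNSname>DomainDnsZones.Techrid.local</DNSname><NetBiosName></NetBiosName><DcName></DcName></Domain>
  <Domain><Guid>22222222-2222-2222-2222-222222222222</Guid><DNSname>ForestDnsZones.Techrid.local</DNSname><NetBiosName></NetBiosName><DcName></DcName></Domain>
  <Domain><Guid>33333333-3333-3333-3333-333333333333</Guid><DNSname>Techrid.local</DNSname><NetBiosName>TECHRID</NetBiosName><DcName></DcName></Domain>
</Forest>
'@
$file = Join-Path ([IO.Path]::GetTempPath()) 'Domainlist.xml'
Set-Content -LiteralPath $file -Value $sample -Encoding UTF8
Update-DomainList -Path $file -OldDns 'Techrid.local' -NewDns 'Capsicum.local' `
    -OldNetBios 'TECHRID' -NewNetBios 'CAPSICUM' | Format-Table -AutoSize
```

On a real DC, point -Path at the Domainlist.xml that “rendom /list” produced and review the printed table, then run “rendom /ShowForest” before “rendom /Upload”.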
MCSA,MCSE | Windows Server 2003 & 2012
Publisher @ Techrid.com