Solved

How can the domain contriller be renamed without losing the active directory information?

Posted on 2002-04-30
6
171 Views
Last Modified: 2010-04-13
One of my friends upgraded its server from NT 4 to Win 2000 server. It is the ONLY domain controller of the entire network. I do not know what he did, but the domain controller got a period "." in the computer name. This is causing the active directory to behave intermittently. It is not allowing an additional domain controller to replicate the data (because the new computer is unable to find main domain controller). How can the domain contriller be renamed without losing the active directory information? Microsoft's article "How to Rename a Windows 2000 Domain Controller (Q296592)" is also of no use as I am unable to contact the main domain controller.
0
Comment
Question by:amirabbas
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:hnminh
ID: 6983568
it was not so clear in your description... Did you mean the server name is shown as "SERVERNAME." or "SERVERNAME.DOMAINNAME.COM."? If it is "SERVERNAME." only, I have to doubt that AD has not been installed in this computer so there is no DC in the network. But it sounds impossible to be the case since this was an upgading from a PDC and you did not mention that users in the network could not login into the domain after upgrading.
0
 
LVL 5

Expert Comment

by:matt023
ID: 6984485
your DC name is "."? or you meant your DC name is "servername."?  in either case, you'll have to demote it in order to change its name.  Probably the "Change primary DNS suffix when domain membership changes" (right click My Computer > Network Identification tab > Properties > More) is unchecked before it was promoted to DC.  Sorry, but basically you're screwed.  The only way to change the name without loosing AD information is to bring up another DC, demote this one, change its name, and promote it back.  Backup/restore of the System State won't work either because the server has to have the same name in order to restore System State data.

Try to add an "A" record in the correct zone in DNS with this DC's correct FQDN (name) and try to promote another DC.

Good luck.

0
 

Author Comment

by:amirabbas
ID: 6984934
matt023 and hnminh
 -- the name of server, as shown in the computer properties is demon.lhr and the domain name is demon.isb. I have already tried all of your suggestions. It is a Main domain Controller and people are logging into the domain... but they specify the domain as "isb" not as "demon.isb" As I wrote earlier, it is not possible to bring up another DC since the process fails while trying to transfer the AD data. The error I get is " domain controller could not be contacted". Actually it is confused between the names. Initially, while trying to transfer AD data' it accepts the domain name as "isb" and later in the process it prompts that domin "isb" actually point towards "demon.isb" ; "did you mean that? ". And after a few seconds gives the error that DC could not be contacted.

I have played alot with DNS as well but all invain.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 3

Expert Comment

by:hnminh
ID: 6985131
So NETBIOS domain name is ISB and NETBIOS server name is DEMON.LHR . The dot within the server name might confuse other W2K DC which part was domain name (LHR.DEMON.ISB or DEMON.ISB only). You might want to try to bring up another WINNT 4.0 BDC, which only work with NETBIOS name, upgrade it to W2K, demote the DEMON.LHR DC, choose a proper name for it and promote it back to ADDC.

To do this your AD must be running in mix-mode. Before run WINNT 4.0 setup, use srvmgr to manually add the chosen server name for this BDC as NT DBC in the domain.
0
 
LVL 5

Expert Comment

by:matt023
ID: 6987220
this can be made to work, but you'll have to be clear in describing the FQDN of this DC.  Is the FQDN of this DC demon.lhr.demon.isb?  or the FQDN is demon.lhr?  (Type net config rdr to find out)

if the FQDN is demon.lhr.demon.isb, do the following:
-- look at the demon.isb zone in DNS and see how this DC registered its RR's
-- add an "A" record of demon.lhr in the demon.isb zone
-- change all RR references and SRV records in all sub-zone (_msdcs, _sites, _tcp, _udp) of demon.isb to point to demon.lhr.demon.isb
-- change the PTR record to point to demon.lhr.demon.isb
-- try to promote an additional DC
-- when prompted for a domain to join, specify domain.isb
-- see if this works out
-- if it works, demote the "bad" DC, rename, and join it back
-- you then should go see your friend and smack him on the head

if the FQDN is demon.lhr, you'll be in more trouble because your valid domain name is actually lhr.  You'll need to create a zone called "lhr" and allow the DC to register its DNS RR's.  your clients in demon.isb will then no longer be able to find a DC to logon to.  a domain rejoin will then need to be done for all clients.

good luck.

0
 
LVL 3

Accepted Solution

by:
hnminh earned 200 total points
ID: 6987830
amirabbas, did you try my comment with a new WinNT BDC? Give us some information of your current status.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In  today’s increasingly digital world, managed service providers (MSPs) fight for their customers’ attention, looking for ways to make them stay and purchase more services. One way to encourage that behavior is to develop a dependable brand of prod…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now