fromano2802
asked on
How to change a windows 2000 domain name?
Hello everyone,
we are in the process of renaming the company name and subsequently we want to change the windows 2000 domain name and the Exchange 2000 server organization to reflect our new name.
Now, I know that there are many issues involved in changing the domain. I read almost everything in the Internet and I came out with different ideas.
I don't know if my ideas are correct, so I am here to ask for the help of you expert...
Requirements: we want to keep both names for the time being, so customers can gradually get used to the new name. We don't want to forward the mail directed to the old domain to our new domain. Users must be able to access both their old and newly created mailboxes. The win2k domain is behind a firewall. The Users in the new domain have to keep the rights they had in the old domain.
1) My first idea is to set up a domain controller and a mail server backup all the users' accounts and the mailboxes, take it off the network and demote the other domain controllers in order to start a new domain. I am aware that doing that I have to get rif also of the exchange organization. After that, I rejoin the server I took off the network and create trust relationship between the two domains for the time being until we decide to get rid completely of the old name.
2) create a new domain in a new box with the new name and create trust relationship between the two domains for the time being until we decide to get rid of the old name.
3) Set up a domain controller and a mail server backup all the users' accounts and the mailboxes, update the other domain controllers to win2k3, uninstall Exchange, change the name, reinstall exchange, create the trust. Keep the two domains for the time being.
I look forward to receive your suggestions,
regards
fromano2802
we are in the process of renaming the company name and subsequently we want to change the windows 2000 domain name and the Exchange 2000 server organization to reflect our new name.
Now, I know that there are many issues involved in changing the domain. I read almost everything in the Internet and I came out with different ideas.
I don't know if my ideas are correct, so I am here to ask for the help of you expert...
Requirements: we want to keep both names for the time being, so customers can gradually get used to the new name. We don't want to forward the mail directed to the old domain to our new domain. Users must be able to access both their old and newly created mailboxes. The win2k domain is behind a firewall. The Users in the new domain have to keep the rights they had in the old domain.
1) My first idea is to set up a domain controller and a mail server backup all the users' accounts and the mailboxes, take it off the network and demote the other domain controllers in order to start a new domain. I am aware that doing that I have to get rif also of the exchange organization. After that, I rejoin the server I took off the network and create trust relationship between the two domains for the time being until we decide to get rid completely of the old name.
2) create a new domain in a new box with the new name and create trust relationship between the two domains for the time being until we decide to get rid of the old name.
3) Set up a domain controller and a mail server backup all the users' accounts and the mailboxes, update the other domain controllers to win2k3, uninstall Exchange, change the name, reinstall exchange, create the trust. Keep the two domains for the time being.
I look forward to receive your suggestions,
regards
fromano2802
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The domain renaming tool is also available for Windows 2000 networks. Please use the search tool on www.microsoft.com.
ASKER
I don't think there is such a tool for win 2000. People at microsoft are advertising this as a new feature for win2k3.
Anyway, I'd like to leave the win2k3 option as my last resource in case there is no other way to do what it needs to be done.
Thx
Anyway, I'd like to leave the win2k3 option as my last resource in case there is no other way to do what it needs to be done.
Thx
http://support.microsoft.com/default.aspx?scid=kb;EN-US;292541
--------------------------
To Rename a Windows 2000 Domain
Create a backup of any and/or all domain controllers that may be involved in this process.
If there are no existing Windows NT 4.0 BDCs in the Windows 2000 domain, then you have to install one that is preferably running service pack 6 or 6a. If you want, you can install a second BDC and then physically remove it from the domain to serve as a backup for the domain information as it contains all of the domain user accounts, and the Security Accounts Manager (SAM) and security information.
Allow sufficient time for this BDC to acquire all domain security and SAM information. To force a full SAM/security database replication, run the following command on the BDC:
net accounts /sync
A record of the successful full replication events should be logged in the System log.
If there is only one Windows 2000 domain controller in the domain, leave the Windows NT 4.0 BDC connected to the network, and then physically remove the Windows 2000 domain controller from the network. Make sure that the Windows 2000 domain controller is isolated from the rest of the network. If it is plugged into a hub, make sure it is not connected to the rest of the domain. If you have only one Windows 2000 domain controller, you can perform step 6 now before you continue with the demotion of the Windows 2000 domain controller.
You must now demote all the Windows 2000 domain controllers to member servers by running the dcpromo command on the actual domain controller. To run this command, click Start, click Run, type dcpromo, and then click OK. If there are more than one Windows 2000 domain controller, run dcpromo on each of them to make each one a member server, until there is only one Windows 2000 domain controller remaining.
Now you can disconnect the Windows 2000 domain controller from the network, while leaving the Windows NT 4.0 BDC connected. Run dcpromo on this last domain controller, and be sure to choose the last domain controller in the domain option. When this completes, and the computer restarts, it will be a member server in a work group, which you can then rejoin to the domain if you want to. If you disconnected one Windows 2000 domain controller in step 4, then you simply run the dcpromo command on it as described in this step.
Note: To run dcpromo successfully, the network adapter must detect a network connection. Therefore, the Windows 2000 domain controller must be attached to an active hub or switch, even if there are no other connections to the hub or switch, and it is isolated from everything else which is desired.
Open Server Manager on the Windows NT 4.0 BDC and promote this computer to a primary domain controller (PDC). If a message appears stating that it cannot contact the PDC and asks if you want to continue, click Yes, and then complete the promotion. When this is complete and the server restarts, verify in Server Manager that the computer it is now described as the PDC.
Upgrade this Windows NT 4.0 PDC to Windows 2000. When the Windows 2000 upgrade is complete, the computer restarts to begin the Active Directory installation. During this process, enter the desired domain name.
If you have demoted other Windows 2000 domain controllers earlier, you can now promote them back to domain controllers by running dcpromo on them.
--------------------------
Hope this helps,
LucF
--------------------------
To Rename a Windows 2000 Domain
Create a backup of any and/or all domain controllers that may be involved in this process.
If there are no existing Windows NT 4.0 BDCs in the Windows 2000 domain, then you have to install one that is preferably running service pack 6 or 6a. If you want, you can install a second BDC and then physically remove it from the domain to serve as a backup for the domain information as it contains all of the domain user accounts, and the Security Accounts Manager (SAM) and security information.
Allow sufficient time for this BDC to acquire all domain security and SAM information. To force a full SAM/security database replication, run the following command on the BDC:
net accounts /sync
A record of the successful full replication events should be logged in the System log.
If there is only one Windows 2000 domain controller in the domain, leave the Windows NT 4.0 BDC connected to the network, and then physically remove the Windows 2000 domain controller from the network. Make sure that the Windows 2000 domain controller is isolated from the rest of the network. If it is plugged into a hub, make sure it is not connected to the rest of the domain. If you have only one Windows 2000 domain controller, you can perform step 6 now before you continue with the demotion of the Windows 2000 domain controller.
You must now demote all the Windows 2000 domain controllers to member servers by running the dcpromo command on the actual domain controller. To run this command, click Start, click Run, type dcpromo, and then click OK. If there are more than one Windows 2000 domain controller, run dcpromo on each of them to make each one a member server, until there is only one Windows 2000 domain controller remaining.
Now you can disconnect the Windows 2000 domain controller from the network, while leaving the Windows NT 4.0 BDC connected. Run dcpromo on this last domain controller, and be sure to choose the last domain controller in the domain option. When this completes, and the computer restarts, it will be a member server in a work group, which you can then rejoin to the domain if you want to. If you disconnected one Windows 2000 domain controller in step 4, then you simply run the dcpromo command on it as described in this step.
Note: To run dcpromo successfully, the network adapter must detect a network connection. Therefore, the Windows 2000 domain controller must be attached to an active hub or switch, even if there are no other connections to the hub or switch, and it is isolated from everything else which is desired.
Open Server Manager on the Windows NT 4.0 BDC and promote this computer to a primary domain controller (PDC). If a message appears stating that it cannot contact the PDC and asks if you want to continue, click Yes, and then complete the promotion. When this is complete and the server restarts, verify in Server Manager that the computer it is now described as the PDC.
Upgrade this Windows NT 4.0 PDC to Windows 2000. When the Windows 2000 upgrade is complete, the computer restarts to begin the Active Directory installation. During this process, enter the desired domain name.
If you have demoted other Windows 2000 domain controllers earlier, you can now promote them back to domain controllers by running dcpromo on them.
--------------------------
Hope this helps,
LucF
ASKER
Thank you for your help,
but I don't think I can't use the method you suggested because my windows 2000 domain is in NATIVE mode not mixed, therefore I can't add any win NT domain controllers.
fromano2802
but I don't think I can't use the method you suggested because my windows 2000 domain is in NATIVE mode not mixed, therefore I can't add any win NT domain controllers.
fromano2802
Too bad, it was worth a shot :(
I'll see if I can find anything else.
I'll see if I can find anything else.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
fromano2802,
No comment has been added lately (113 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:
RECOMMENDATION: split points between vtobusman http:#9679984 and dcmartinpc http:#9731180
Accept vtobusman's suggestions
Please leave any comments here within 4 days.
-- Please DO NOT accept this comment as an answer ! --
Thanks,
kabaam
EE Cleanup Volunteer
No comment has been added lately (113 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:
RECOMMENDATION: split points between vtobusman http:#9679984 and dcmartinpc http:#9731180
Accept vtobusman's suggestions
Please leave any comments here within 4 days.
-- Please DO NOT accept this comment as an answer ! --
Thanks,
kabaam
EE Cleanup Volunteer