renaming a domain

Posted on 2005-05-04
Last Modified: 2010-04-18
I want to change the domain name on a server 2003.  Info given by MS in "Help and Support" says to use "netdom" but that doesn't work.
Question by:ecjeeninga
    LVL 3

    Expert Comment

    You must have 2 servers, one with the old domain name and another with a clean installation of Windows 2003 Server, both connected to each other, and after that do the following:

    Open Command Prompt.
    netdom computername CurrentComputerName /add:NewComputerName

    This command will update the service principal name (SPN) attributes in Active Directory for this computer account and register DNS resource records for the new computer name. The SPN value of the computer account must be replicated to all domain controllers for the domain and the DNS resource records for the new computer name must be distributed to all the authoritative DNS servers for the domain name. If the updates and registrations have not occurred prior to removing the old computer name, then some clients may be unable to locate this computer using the new or old name.

    Ensure the computer account updates and DNS registrations are completed, then type:
    netdom computername CurrentComputerName /makeprimary:NewComputerName

    Restart the computer.
    From the command prompt, type:
    netdom computername NewComputerName /remove:OldComputerName

    Value / Description

    CurrentComputerName: The current, or primary, computer name or IP address of the computer you are renaming.

    NewComputerName: The new name for the computer. The NewComputerName must be a fully qualified domain name (FQDN). The primary DNS suffix specified in the FQDN for NewComputerName must be the same as the primary DNS suffix of CurrentComputerName or it must be contained in the list of allowed DNS suffixes specified in the msDS-AllowedDNSSuffixes attribute of the domainDns object.

    OldComputerName: The old name of the renamed computer.


    To rename a domain controller using the Netdom tool, the domain functional level must be set to Windows Server 2003. For more information, see Related Topics.
    Renaming a domain controller requires that you first provide a FQDN as a new computer name for the domain controller. All of the computer accounts for the domain controller must contain the updated SPN attribute and all the authoritative DNS servers for the domain name must contain the host (A) resource record for the new computer name. Both the old and new computer names are maintained until you remove the old computer name. This ensures that there will be no interruption in the ability of clients to locate or authenticate to the renamed domain controller, except when the domain controller is restarted.

    To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure.
    To open a command prompt, click Start, point to All Programs, point to Accessories, and then click Command Prompt.
    This command-line method requires the Netdom Windows support tool. For information about installing Windows support tools, see Related Topics.
    If the domain controller belongs to a group with a Group Policy enabled on its primary DNS suffix, the string specified in the Group Policy is used as the primary DNS suffix. The local setting is used only if the Group Policy is disabled or unspecified.
    By default, the primary DNS suffix portion of a computer's FQDN is the same as the name of the Active Directory domain to which the computer is joined. To allow different primary DNS suffixes, a domain administrator can create a restricted list of allowed suffixes by creating the msDS-AllowedDNSSuffixes attribute in the domain object container. This attribute is managed by the domain administrator using Active Directory Service Interfaces (ADSI) or Lightweight Directory Access Protocol (LDAP). For more information about programming interfaces and directory access protocol, see Related Topics.
    Domain controller locator (Locator) DNS resource records are registered by the domain controller after the renamed domain controller has been restarted. The records that are registered are available on the domain controller in the systemroot\System32\Config\Netlogon.dns file.
    To enumerate the names with which the computer is currently configured, at a command prompt, type:
    netdom computername ComputerName /enumerate:{AlternateNames | PrimaryName | AllNames}

    You can also specify a parameter that will use administrator credentials required to modify the computer account in Active Directory. If this parameter is not specified, Netdom uses the credentials of the user currently logged on. For more information, see the Netdom command-line help.
    If you rename a domain controller through the System Properties dialog box instead of using the Netdom tool, DNS and Active Directory replication latency may delay the ability of clients to locate or authenticate to the renamed domain controller.

    Try and let me know.
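
The readiness check that the comment above calls for before the /makeprimary step, as an added example that is not part of the original post or of Microsoft's documentation. It assumes a management host with the ActiveDirectory and DnsClient PowerShell modules; the computer, FQDN and zone names are constructed placeholders.

```powershell
# Added example: confirm SPN replication and DNS registration before running
# 'netdom computername ... /makeprimary'. All default names are placeholders.
param(
    [string]$CurrentName = 'dc01',                   # placeholder: current computer account name
    [string]$NewFqdn     = 'dc02.corp.example.com',  # placeholder: name given to /add:
    [string]$DnsZone     = 'corp.example.com'        # placeholder: zone that holds the new A record
)
Import-Module ActiveDirectory

$ready = $true

# 1. Every domain controller must hold SPN values for the new name,
#    otherwise Kerberos clients served by a lagging DC cannot authenticate.
foreach ($dc in Get-ADDomainController -Filter *) {
    $acct = Get-ADComputer -Identity $CurrentName -Server $dc.HostName `
                           -Properties servicePrincipalName
    $hit  = $acct.servicePrincipalName | Where-Object { $_ -like "*/$NewFqdn*" }
    if (-not $hit) {
        Write-Warning "SPN for $NewFqdn not yet replicated to $($dc.HostName)"
        $ready = $false
    }
}

# 2. Every authoritative DNS server for the zone must answer for the new name.
$nsHosts = Resolve-DnsName -Name $DnsZone -Type NS |
    Where-Object { $_.Type -eq 'NS' } |
    Select-Object -ExpandProperty NameHost
foreach ($ns in $nsHosts) {
    $answer = Resolve-DnsName -Name $NewFqdn -Type A -Server $ns -DnsOnly `
                              -ErrorAction SilentlyContinue
    if (-not ($answer | Where-Object { $_.Type -eq 'A' })) {
        Write-Warning "No A record for $NewFqdn on $ns"
        $ready = $false
    }
}

# 3. Report; the rename itself is still done by hand with netdom.
if ($ready) {
    Write-Output "Ready: netdom computername $CurrentName /makeprimary:$NewFqdn"
} else {
    Write-Output 'Not ready: wait for replication and DNS registration, then re-run.'
}
```

Running the same script again after the restart, before `/remove:OldComputerName`, confirms the new name is still resolvable everywhere before the old one is dropped.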


    LVL 9

    Accepted Solution

    If you want to change the name of your domain you can use the rendom tool described in this article:
