Should I repair this missing top-level domain name issue and if so how?

I have inherited a small NT domain with 1 forest, 1 domain, 1 dc (2003 Server Std.) and about 15 clients (XP Pro). I noticed that there is a constant DNS error of event 6702 - DNS has updated its own host record...Since there is no other DS-integrated peer, it says I can ignore it but I hate to have errors. Also, the dc( and therefore the domain) is named without a top-level. It is server.xyz, no server.xyz.local, which again I prefer. Thew clients seem to be working ok, accessing network shares, etc. The DHCP server is setup though with 015 DNS domain name option as xyz.local....why everything is working I don't know. And the DHCP address leases auotmatically include RAS leases to the dc and again they are server.xyz.local while all the clients are client.xyz. Should I be concerned here or leave as is? I was even considering running the domain rename tool. My concern now would be if in the future if all of the sudden I start having issues added clients to the domain, especially more Vista or 7 clients. What should I do to fix some of these issues?
xav1963Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
Start with this article to get this domain going as far as it can with the single-label domain:
Information about configuring Windows for domains with single-label DNS names
http://support.microsoft.com/kb/300684

Then with ibly 15 clients, I'd migrate that domain into a new one. Domain renaming with a single-label domain can even more easily go wrong than with a regular name.
The following article applies to most AD domains, not only SBS:
The Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003
http://support.microsoft.com/kb/296250
0
xav1963Author Commented:
ok... how do i migrate it to a new domain? Do I just use dcpromo and demote the dc then run it again? will I still be able to access the old user files and folders so to change permissions?
0
oBdACommented:
If you're limited to that one server, then dcpromo down and up again.
Should you have the possibility of upgrading the hardware as well, you could use the ADMT:
Active Directory Migration Tool version 3.1
http://www.microsoft.com/downloadS/details.aspx?familyid=AE279D01-7DCA-413C-A9D2-B42DFB746059&displaylang=en
Another option if you don't have additional server hardware would be to install the first new DC as VM or on desktop hardware, migrate the users using ADMT, then dcpromo down the "old" server, join it to the new domain, dcpromo it, and move the roles from the temp machine to the "old" server.
As far as file permissions are concerned: make sure the (domain) local group Administrators(!--not (only)Domain Admins!) and the System account have Full permissions on all files. The local Administrators group has always the same SID, Domain Admins are linked to one single domain.

For the user profiles on the workstations, assuming you're doing this with the ADMT and a domain trust, do the following on each workstation:
1. Log on once with the "new" user; this will create the new profile folder.
2. Log off, log back on with an administrative accounts that's neither the old nor the new account.
Right-click "My Computer", go to "Properties". Go to the "Advanced" Tab and click on the "Settings" button in the "User Profiles" section. Highligh the "old" account, click "Copy". Browse to the "new" profile folder. *Before* you click the "OK" button, change the profile's user to the "new" user.
3. Log off, log back on with the "new" account, and you should have the "old" settings.


What you can try as well is to setup a separate virtual DC with the functions, services, and name of your current DC and a test workstation (obviously without connection to your production AD), and test the renaming. If it works there, chances are that it will work in your production domain as well.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
xav1963Author Commented:
Thanks for the info....will give it a try...
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.