Solved

Rename Server 2003 domain to avoid "single label domain" error when migrating to server 2008?

Posted on 2012-04-10
9
1,055 Views
Last Modified: 2012-07-27
Hello Experts!

I have inherited a very odd top level domain of SQ.SpeedyQuote
There is only one DC and it is Windows Server 2003 Standard SP2. (server1.SQ.SpeedyQuote)
The previous sysadmin tried to migrate it to a new Server 2008 R2 and failed.
The error message he couldn't get past said he could not continue because it was a "single label domain name". I was under the impression that if you had a period in the domain name anywhere, even if its "SQ.SpeedyQuote" that it is not a single label name, it just has a really awkward top level name (instead of .local at the end). To be safe (and make my domain look normal) I was considering using the domain rename toolkit for server 2003 and adding .local to the end of it. I was wondering how risky it is to use the tool or how well it works. If I were to use it, am I missing any steps? :

1. Raise Domain and Forest Functional Level to Server 2003 (they both already are)
2. run "rendom /list" then "copy domainlist.xml domainlist-save.xml"
3. Modify domainlist.xml and change all instances of the domain name and save
4. run "rendom /upload" then "rendom /prepare" then "rendom /execute"
5. reboot server
6. run "rendom /end"

please share any tips or warnings about things you've encountered that went wrong during a domain rename using rendom and a suggestion of if you believe it is necessary or a good idea.
0
Comment
Question by:EndTheFed
9 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37827585
Nothing really out there that you have to worry about that is critical just make sure you follow every step. The link I'm posting is the one I used which worked great.

http://www.petri.co.il/windows_2003_domain_rename.htm

I would still recommend to migrate to Windows 2008 Server R2 by using ADMT 3.0 to start on a fresh domain
0
 
LVL 25

Assisted Solution

by:Tony1044
Tony1044 earned 500 total points
ID: 37827628
Do you have Exchange on the domain?

If so you absolutely cannot rename the domain I'm afraid - it will simply break Exchange.

In that case, a new domain and a cross-forest migration are your only real hope.
0
 

Author Comment

by:EndTheFed
ID: 37827660
@dariusg: I am very comfortable when it comes to adprep, dcpromo, transferring FSMO roles, etc and don't usually have issues with that. Are there any advantages to using ADMT 3 instead?

@Tony1044: excellent question, sorry I forgot to mention; there is no exchange yet (thank god), so that won't be an issue.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37827688
Honestly with a single label domain name I usually migrate to a whole different domain with ADMT.

If you are upgrading your current domain to Windows 2008 Server you would use adprep, etc.

You can keep the domain that you renamed but I usually migrate to a different domian
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:EndTheFed
ID: 37827713
Is my domain in fact a single label domain? I just find it odd that "speedyquote.local" would not be a single label, but that my "SQ.SpeedyQuote" would be a single label... I've always thought single label has no period, such as "speedyquote". Since I don't have exchange I would rather (if it is safe) just rename my domain and add .local to the end so I can be sure I won't get the single label domain error when moving AD to new 2008 R2 and promoting it.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37827764
Well technically no but it doesn't conform to the regular domain schemes
0
 

Accepted Solution

by:
EndTheFed earned 0 total points
ID: 37882911
I read many guides for this procedure including the 80 page step-by-step from Microsoft. I was hoping to find a checklist of some sort that I could move through and just about every one I read was different and was missing steps or added new precautions about things it would break. I essentially combined them all and created my own. After writing it, I followed it and it worked flawlessly. I HIGHLY recommend reading the full 81 page Microsoft document because there are so many things this process will break without preparation including: Domain/Forest Trusts, DNS, GPO, DFS, Folder Redirection, Roaming Profiles, Exchange, Certificate Authority, and Software Distribution Point servers (SDP).

Example:
Old   Domain Name:      SQ.speedyquotes.
New Domain Name:      sq.speedyquotes.com

1.      Verify that the Forest Functional Level and Domain Functional Level are raised to Server 2003.
2.      Verify that the only DNS entry on all servers/DHCP is set to the Windows DNS server.
a.      Having any DNS server listed other than the Windows DNS server will break this process.
b.      Do NOT use any external ISP DNS. Do NOT use a loopback (127.0.0.1).
3.      Verify there are no DC’s waiting for reboots due to windows updates. (If there are, reboot them)
4.      Disable any unused NIC on all DC’s from Device Manager.
5.      The only version of Exchange compatible with a domain rename is Exchange 2003 SP1 (If you have this version it requires additional steps not listed here!)

PREPARE DNS
6.      Create a new Primary Forward Lookup Zone with the FQDN of the Domain’s new name.
a.      Allow secure dynamic updates.
b.      Example:
Current FLZ: SQ.speedyquotes.
New FLZ: sq.speedyquotes.com

PREPARE DFS
7.      If you use the domain name in a file path (example: \\SQ.speedyquotes\DFS) renaming the domain will break all DFS paths. However if you use NetBios names in file paths (example: \\sqserver1\DFS) and the NetBios name is not changed, it will not break the file path.
8.      This WILL affect/break roaming profiles.

SETUP A CONTROL STATION
9.      You must use a Windows Server 2003 SP2 Standard, Enterprise, or Datacenter edition server which is a member of the Domain you are renaming. It can NOT be a Domain Controller.
10.      Download the latest version of Windows Server 2003 Support Tools:
a.      http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=15326
b.      3/12/2007. version 1.0
11.      Download the latest version of Windows Server 2003 Active Directory Domain Rename Tools
a.      http://technet.microsoft.com/en-us/windowsserver/bb405948.aspx
b.      8/19/2004. rendom version 1.4, gpfixup version 1.1
c.      Download and read/study the full 81 page Step-by-Step Guide

RENAME DOMAIN FROM CONTROL STATION
12.      Run “rendom /list”
a.      Run “copy domainlist.xml domainlist-save.xml” to save the forest config file.
13.      Open the “domainlist.xml” in Notepad and CHANGE ALL instances of the old domain name to the new domain name and if necessary modify the NetBios name (this will break all NetBios file paths). Save the file with changes.
a.      DO NOT TOUCH THE <GUID>
b.      Example
< ----- Partition Type: Application ----- >
DNSname: DomainDnsZones.sq.speedyquotes.com
NetBIOSname: none
DcName: none
< ----- Partition Type: Application ----- >
DNSname: ForestDnsZones.sq.speedyquotes.com
NetBIOSname: none
DcName: none
< ----- Forest Root ----- >
DNSname: sq.speedyquotes.com
NetBIOSname: SQ
DcName: none
14.      Run “rendom /showforest” to display the modified Forest name file to confirm your changes are correct.
15.      Run “rendom /upload” to generate the rename instructions and send them to the DC
a.      If you have multiple DC’s run “repadmin /syncall /APed” from Support Tools to force replication.
b.      Check DNS for 1 new CNAME and new SRV records for the new domain name.
16.      Run “rendom /prepare” to verify all DC’s are ready, open dclist.xml look for <State>Prepared</State> if successful (or Error if failed). DO NOT CHANGE THE STATE MANUALLY.
17.      Run “rendom /execute” to actually execute the domain rename on the DC (from the CS).
a.      All DC’s will reboot automatically.
b.      Reboot the Control Station twice. If it comes up on the new domain name correctly:
18.      Rename the Domain Controller.
a.      Add the new DNS suffix:
“netdom computername sqserver1.sq.speedyquote /add: sqserver1.sq.speedyquote.com
b.      Change the primary DNS suffix:
“netdom computername sqserver1.sq.speedyquote /makeprimary sqserver1.sq.speedyquote.com
c.      Reboot the DC
d.      Remove the old DNS suffix:
“netdom computername sqserver1.sq.speedyquote.com /remove: sqserver1.sq.speedyquote
19.      Run “rendom /end”
20.      Delete and Recreate all external domain trusts in ADDT. Then verify with nltest:
a.      “nltest /sc-query: sq.speedyquote.com” (from a DC in the renamed domain)
b.      “nltest /sc-query: sp.speedyparts.com” (from the trusting domain)
21.      Fix DFS if necessary
22.      Fix GPO links:
a.      gpfixup /olddns:sq.speedyquote /newdns:sq.speedyquote.com /oldnb:SQ /newnb:SQ /dc: sqserver1.sq.speedyquote.com /user:username /pwd:password 2>1 > gpfixup.log
23.      Reboot all computers and servers twice (MAKE SURE ALL COMPUTERS ARE ON AND NOT IN SLEEP/HIBERNATE)
24.      Test all applications
25.      Recommended to WAIT 1 WEEK to make sure ALL computers (laptops, older computers that were unplugged) made it to the new domain name.
26.      Run “rendom /clean” Once this is run any computers that were not connected, on, and rebooted twice, will no longer be a member of the domain. They will have to be added to the domain again. If you are renaming your domain because you’re planning on migrating AD to Windows Server 2008 you must run the rendom /clean command first to complete the domain rename before beginning the migration.
27.      Delete the old FLZ from DNS. (sq.speedyquote)
28.      Run “dcdiag /v /e /c”
29.      Run “netdiag /debug /v”
How-to-rename-a-Windows-2k3-doma.doc
0
 

Author Closing Comment

by:EndTheFed
ID: 37905370
Thanks to everyone for your help. I hope if others find this post the step-by-step .doc attachment will help.
0
 
LVL 7

Expert Comment

by:nytekgirl
ID: 38231167
Thank you for this.  I am tackling the domain rename process in the upcoming weeks and this is exactly the kind of information I have been looking for!
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
A procedure for exporting installed hotfix details of remote computers using powershell
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now