How to rename a domain controller with Single Label Domain (SLD)? Step by Step help
Dear All,
I have two DCs as the following:
- Windows Server 2003 R2 + SP2 (DC/DNS)
- Windows Server 2012 (DC/DNS)
- Forest/Domain Functional level Windows Server 2003.
- FSMO (5) roles are on Windows Server 2012 DC.
- Both DCs are in the same forest/domain (ABCD).
No Exchange server in the environment.
My domain name is created with Single Label Domain (ABCD)
I am facing an issue with creating a two ways Forest Trust between my ABCD domain and my second domain/forest 1234.com.
The DNS forwarder is setup correctly including Zone Transfers between the two forests.
The error that I am getting while trying to create the trust is the following:
[The New Trust Wizard cannot continue because the specified domain cannot be connected, either the domain does not exist or network...]
I am able to reach and run nslookup from both forests.
Both forests are on the same LAN but on different network subnet, routing is enabled between both subnet and I can ping all my DCs.
I want to rename my ABCD domain to ABCD.net
How can I rename the SLD domain safely?
Thank you in advance.
Regards,
Forest-Error.PNG
I have two DCs as the following:
- Windows Server 2003 R2 + SP2 (DC/DNS)
- Windows Server 2012 (DC/DNS)
- Forest/Domain Functional level Windows Server 2003.
- FSMO (5) roles are on Windows Server 2012 DC.
- Both DCs are in the same forest/domain (ABCD).
No Exchange server in the environment.
My domain name is created with Single Label Domain (ABCD)
I am facing an issue with creating a two ways Forest Trust between my ABCD domain and my second domain/forest 1234.com.
The DNS forwarder is setup correctly including Zone Transfers between the two forests.
The error that I am getting while trying to create the trust is the following:
[The New Trust Wizard cannot continue because the specified domain cannot be connected, either the domain does not exist or network...]
I am able to reach and run nslookup from both forests.
Both forests are on the same LAN but on different network subnet, routing is enabled between both subnet and I can ping all my DCs.
I want to rename my ABCD domain to ABCD.net
How can I rename the SLD domain safely?
Thank you in advance.
Regards,
Forest-Error.PNG
How many users you have you can perform domain rename or use ADMT to migrate to new domain but domain rename is risky task and will not recommand the same if nos of users and computer is more.
Active Directory DNS Domain Name Single label names
http://msmvps.com/blogs/acefekay/archive/2009/11/12/active-directory-dns-domain-name-single-label-names.aspx
You need to understand nuances of ADMT and its working before you actually taken on migration production env.Also, its much better if you can simulate in a lab environment for successful result. I have below link which might help you to understand this. Start from reading ADMT guide first.
ADMT Guide: Migrating and Restructuring Active Directory Domains
http://technet.microsoft.com/en-us/library/cc974332(WS.10).aspx
MIGRATING STUFF WITH ADMTV3
http://blogs.dirteam.com/blogs/jorge/archive/2006/12/27/Migrating-stuff-with-ADMTv3.aspx
Interforest Migration with ADMT 3.2
http://social.technet.microsoft.com/wiki/contents/articles/16208.interforest-migration-with-admt-3-2-part-2.aspx
Windows Server 2008 R2 ADDS Domain Rename Operation Document
http://blogs.technet.com/b/justin_gao/archive/2011/06/30/windows-server-2008-r2-adds-domain-rename-operation-document.aspx
Active Directory DNS Domain Name Single label names
http://msmvps.com/blogs/acefekay/archive/2009/11/12/active-directory-dns-domain-name-single-label-names.aspx
You need to understand nuances of ADMT and its working before you actually taken on migration production env.Also, its much better if you can simulate in a lab environment for successful result. I have below link which might help you to understand this. Start from reading ADMT guide first.
ADMT Guide: Migrating and Restructuring Active Directory Domains
http://technet.microsoft.com/en-us/library/cc974332(WS.10).aspx
MIGRATING STUFF WITH ADMTV3
http://blogs.dirteam.com/blogs/jorge/archive/2006/12/27/Migrating-stuff-with-ADMTv3.aspx
Interforest Migration with ADMT 3.2
http://social.technet.microsoft.com/wiki/contents/articles/16208.interforest-migration-with-admt-3-2-part-2.aspx
Windows Server 2008 R2 ADDS Domain Rename Operation Document
http://blogs.technet.com/b/justin_gao/archive/2011/06/30/windows-server-2008-r2-adds-domain-rename-operation-document.aspx
ASKER
I have 85 users/computers joined to the domain and 15 member servers.
I prefer to rename my domain instead of Migrating it.
I want to rename the (ABCD) domain to (ABCD.net)
I need only to add the .net since it's created as SLD.
Your support is highly appreciated.
Regards,
I prefer to rename my domain instead of Migrating it.
I want to rename the (ABCD) domain to (ABCD.net)
I need only to add the .net since it's created as SLD.
Your support is highly appreciated.
Regards,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Proceed with Domain Rename:
I suggest you drop the 2012 DC out of the domain for the duration of this. You want it as simple as possible and fully supported (2012 is not listed as being supported).
You need to read and understand this:
http://technet.microsoft.com/en-us/library/cc738208(v=ws.10).aspx
Then you can download the tools here:
http://technet.microsoft.com/en-US/windowsserver/bb405948.aspx
The process is quite complex so you must be very careful about following the steps. The majority of problems I've seen with Domain Rename come because a step is missed.
Migrate to a new forest
Depending on your environment, you may find it easier to move to a new domain (using ADMT). You will need to ensure systems can resolve names in single-label-domains to form the trust to help with this. The process for doing that is here:
http://technet.microsoft.com/en-us/library/cc816610(v=ws.10).aspx
That should, at least in theory, fix up your original problem. However, support for single label domains is gone and I suggest you get away from it while you can.
Either way works, it's simply a case of picking the method you're most comfortable with.
HTH
Chris