Renaming two servers in AD

What's the trick to re-naming two servers already in AD?

I had ServerPA and ServerA. I went to rename one to ServerAX and ServerPA to the original ServerA. The first server was taking on the name of the second server, along with its IP address.

I shut down the old server and reset its computer object in AD. Then I went to the new server and changed the IP address and name to the old server's.

Now I cannot log in to either. I have tried removing from the domain and adding to the domain a couple of times since the name changes. I keep getting an error saying either the DC is down (it's not) or the computer object is not found; that's the old 2003 server we are replacing. On the 2008 server we are getting a similar issue worded differently, but more about a trust relationship.

Trying to figure out how to get around this now and fix it. Network is fine, IP addresses are correct, I can ping everything.

Any suggestions?

Peter Hutchison (Senior Network Systems Specialist) commented:
Are these just member servers or domain controllers?
Check the IP addresses and esp. the DNS IP addresses, which are needed to talk to the AD DNS servers.
Jonathan Brite (System Admin) commented:
Have you removed the actual server from Active Directory under "Computers"?  You should be able to just remove the servers themselves from AD Users and Groups, then be able to re-add them back in.  You need to log in as local admin on the 2 servers and should be prompted for your domain admin credentials once you try to elevate.  Also, you may want to remove the old entries from DNS as this may also be causing a communications issue.
Will Szymkowski (Senior Solution Architect) commented:
Re-naming a server can be dangerous depending on what services it is hosting. Also, when you are re-naming a server these changes need to replicate to all other DCs. If replication has not happened and you are trying to authenticate to a DC that thinks ServerPA is the old ServerPA then you are going to run into an issue because the SIDs do not match.

Also make sure that your DNS settings are correct. As you have stated that you modified the NIC properties for the IP address, make sure DNS is also correct.

Also try waiting a little longer and see if replication takes place.

You can use the following commands to check replication.

repadmin /replsum
repadmin /showrepl


T.J. (Author) commented:
These are member servers, no DC.

DNS IP are the same on both.

I originally reset the AD computer object in the OU it was in.  I did not delete it originally. But I did delete one of them the second time.

I'm wondering if I need to login locally to both, remove the server from the domain again, reboot to local account. Then delete the computer objects in AD again, then try to join to the domain again.
Will Szymkowski (Senior Solution Architect) commented:
Rather than removing the machine from the domain I would suggest doing the following first.

netdom reset <computername> /UserO:Administrator /PasswordO:*

Change username to your username and when you press enter type in your password. This command resets the secure channel between the workstation and the domain.

In the future just rename the computer object, this way it will keep the same original SID, which is how objects are identified on the domain.

If the above netdom command does not work then do a remove/add to the domain again.
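
Added example, not part of the original thread or any commenter's post: a PowerShell version of the secure-channel check and reset discussed above, for the member server showing the trust-relationship error. The function name Repair-DomainTrust is hypothetical; the block assumes Windows PowerShell 3.0 or later on that server and an elevated session started from a local administrator account.

```powershell
# Added example. Verifies the machine's secure channel to the domain and,
# only if it is broken, resets it with domain credentials (no unjoin/rejoin).
function Repair-DomainTrust {
    param(
        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]$DomainCredential
    )

    $cs = Get-WmiObject -Class Win32_ComputerSystem
    if (-not $cs.PartOfDomain) {
        Write-Warning "$($cs.Name) is not domain-joined; a reset cannot help, join it instead."
        return $false
    }

    # Show which domain controller the machine is currently bound to.
    & nltest.exe "/sc_query:$($cs.Domain)" | Out-Host

    # Step 1: test only. Returns $true when the machine account password
    # stored locally still matches the computer object in AD.
    $healthy = $false
    try {
        $healthy = [bool](Test-ComputerSecureChannel -ErrorAction Stop)
    } catch {
        Write-Warning "Secure channel test failed: $($_.Exception.Message)"
    }
    if ($healthy) {
        Write-Host "Secure channel to $($cs.Domain) is healthy; nothing to repair."
        return $true
    }

    # Step 2: repair. Resets the machine account password on the existing
    # computer object, so the object keeps its SID.
    $repaired = $false
    try {
        $repaired = [bool](Test-ComputerSecureChannel -Repair -Credential $DomainCredential -ErrorAction Stop)
    } catch {
        Write-Warning "Repair failed: $($_.Exception.Message)"
    }
    if (-not $repaired) {
        Write-Warning "Check that the computer object exists and has replicated before retrying."
    }
    return $repaired
}

# Prompts for a domain account allowed to reset the computer object.
Repair-DomainTrust -DomainCredential (Get-Credential)
```

A result of False after the repair step points back at the causes raised earlier in the thread: a missing or not yet replicated computer object, or DNS pointing the server away from the AD DNS servers.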

T.J. (Author) commented:
Thank you, we eventually got the situation handled. Your help was appreciated! Learned something too.