Unable to rename Win 10 Svr 2016 AD joined computer

IT Guy
IT Guy used Ask the Experts™
on
Whenever I try to rename a Windows 10 Pro computer that has is a member of a Server 2016 AD network I receive an error message that says "The following error occurred attempting to rename the computer to "[new computer name]": Access Denied (see the screenshot).

This happens no matter which AD domain administrator account I use (including the administrator domain admin account) and even occurs if I am logged onto the computer with the domain admin account.

This is the only computer where I have ever received this error message on within this network.

I am currently able to rename other domain-joined computers and add new computers to the domain.

What can be done to fix this issue?

Access-Is-Denied-Name-Change
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Seth SimmonsSr. Systems Administrator
Commented:
how is your AD environment setup?  do these admin account delegated access to the OU these machines are in?
it's possible the accounts don't have rights to rename computer accounts

you can also try from the command line using netdom

Netdom renamecomputer
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc788029(v=ws.10)
Director of Information Technology
Commented:
Are you trying to rename and join at the same time?
If so I have experienced the naming and joining at the same time rarely if ever work.
I would recommend renaming the computer, reboot, then join.
IT GuyNetwork Engineer

Author

Commented:
No I am trying to rename the computer which is already attached to the Active Directory domain.

All of these are domain admin accounts that I have previously used too add and rename AD joined computer accounts and that currently work with renaming other AD joined computer accounts and with adding new computers to the AD domain.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Seth SimmonsSr. Systems Administrator
Commented:
This is the only computer where I have ever received this error message on within this network.

then remove from the domain and add again
only machine having an issue i wouldn't waste time trying to figure out why
Distinguished Expert 2017
Commented:
To rename the object without the disjoin/rejoin process Seth outlined, you gave to use netdom
To rename the computer, while updating the AD object at the same time.
Distinguished Expert 2017
Commented:
You need to add the remote server admin tools or you can. Download the install from https://www.microsoft.com/en-us/download/details.aspx?id=45520

Netdom.exe is a utility that is included.

See command option to achieve the rename,
https://support.microsoft.com/en-us/help/325354/how-to-use-the-netdom-exe-utility-to-rename-a-computer-in-windows-serv
Shaun VermaakTechnical Specialist
Awarded 2017
Distinguished Expert 2018
Commented:
Open DSA.msc, enable Advance View and browse to the computer in question.
From properties, go to Security tab then click on Advance.
Do an effective permission on the accounts used during the rename process and revert back.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial