Windows Server 2016-Renaming a domain controller

When the company developed to a certain scale or information construction to a certain extent, a lot of information standards promulgated; Many of the initial server building, including service building and other computer names are by default or randomly named, not easy to distinguish between business or service. Through the preceding chapters we have a certain understanding of Active Directory domain control, today we will briefly explain how to rename the production environment domain controller, the following for your reference.

Considerations for renaming domain controllers:

A, execute the Rename Operation permission account must be Domain Admins group and Enterprise Admins member;

b, the domain controller needs to be win 2003 and later, and the domain functional level of Windows Server 2003 or more;

C, Windows Server 2008 and later the default comes with the Netdom tool, can be renamed directly;

D, in Win 2003, the operation needs to use the Support Tools extension package comes with the system supporting tool netdom;

E, if the role is not the same domain controller, please ensure that network communication, resolution and synchronization between servers is normal;

Operation Steps:

1. To make it easier to see the effect, we migrate the RID master role to the domain controller Spare.azureyun.local server that needs to be renamed this time, with the following steps:

PS c:\> ntdsutil.exec:\windows\system32\ntdsutil.exe:rolesfsmo maintenance:connectionsserver connections: Connect to server Spare.azureyun.local bind to Spare.azureyun.local ... Connect Spare.azureyun.local with the credentials of this logged-on user. Server Connections:quitfsmo maintenance:transfer RID masterfsmo maintenance:quitc:\windows\system32\ntdsutil.exe: Quitps c:\>

2. View the current RID master role location of Spare.azureyun.local:

3. Before starting the operation we determine the hostname, IP address information and FSMO role distribution information:

PowerShell View IP address information command: foreach ($IPV 4 in (ipconfig)-like ' *ipv4* ') {($IPV 4-split ': ') [-1]}

View current FSMO role Information netdom query FSMO

4. View information about renaming command-line help:

Ps c:\> netdom computername /? The syntax for this command is: netdom computername machine [/ usero:user] [/passwordo:[password | *]] [/userd:user] [/passwordd:[password |  *]] [/SecurePasswordPrompt] /Add:<new-alternate-DNS-name> | /Remove:< alternate-dns-name> | /makeprimary:<computer-dns-name> | /enumerate[:{ Alternatenames | primaryname | allnames}] | /verifynetdom computername   Manage the computer's primary and alternate names. This command can be used to safely rename a domain controller or server. machine -  the name of the computer whose name you want to manage. /usero -  the user account password that is used to establish a connection to the managed computer/passwordo - /usero  the specified user accounts. *  means that you are prompted for a password/userd -  the user account that is used to establish a connection to the domain of the managed computer/passwordd - /userd  the specified user accounts password. *  means prompt for password/add -  Specifies that a new replacement name should be added. The new name must be a fully qualified dns  name (fqdn-computer name followed by the main  DNS  suffix, such as  comp1.example.com). /remove -  Specifies that an existing replacement name should be deleted. The name to be removed must be a fully qualified  DNS  name (fqdn -  computer name followed by the primary  dns  suffixes, such as  comp1.example.com). /makeprimary -  Specifies that an existing replacement name should be converted to the primary name. The name that is converted to the primary name must be a fully   qualified  DNS  name (fqdn -  computer name followed by the primary  DNS  suffix, such as  comp1.example.com). /enumerate -  lists the specified names. The default is  allnames. /verify -  Check if each computer name exists  DNS A  record and  SPN/SecurePasswordPrompt -  Use the security Credentials pop-up window to specify credentials. This option should be used when you need to specify smart card credentials. This option is only valid if the password value is provided in  * .

5. Verify the current spare domain controller FQDN name :

netdom computername Computername/enumerate:{alternatenames | Primaryname | Allnames} NOTE: ComputerName is the domain control fqdn;enumerate is the filter item, optionally the output name Category: Allnames (Show All), AlternateNames (alias only), Primaryname (main name only), display all by default.

netdom computername spare.azureyun.local/enumerate

6. Add a new FQDN name for the current domain controller:

Add a new FQDN name for the domain controller v2spare:

netdom computername Oldcomputername/add:newcomputernameoldcomputername is the current host name, ip\fqdn\ The NetBIOS name can be newcomputername as the alternate name to add, in this case: v2spare.azureyun.local

netdom computername spare.azureyun.local/add:v2spare.azureyun.local

and view all the available FQDN names for the current domain controller by command:

netdom computername spare.azureyun.local/enumerate

7. Set the newly added FQDN name to online mode, update the new name to be replaced in the domain environment, including the DNS record, etc. after this operation is complete, remember to restart the server for the configuration to take effect:

netdom computername spare.azureyun.local/makeprimary:v2spare.azureyun.local

Restart the current domain controller;

8. After rebooting we find the command line query when the position changes, here we delete the original FQDN name:

netdom computername v2spare.azureyun.local/remove:spare.azureyun.local

9. Delete the original server on the DNS server corresponding resolution:

10. See if the current other DNS records are updated:

11. To this, the entire rename operation is basically complete, and if you are not sure we can view the current FSMO role information from the command line as follows:

Quick Operation steps:

netdom computername Current domain controller fqdn/enumeratenetdom ComputerName Current domain controller fqdn/add: New FQDN name netdom computername current domain controller FQDN/ Makeprimary: New FQDN name restart server netdom computername new FQDN name/remove:spare.azureyun.local

Windows Server 2016-Renaming a domain controller