**DISCLOSURE: While I am contracted to Microsoft Corporation, I am not an employee. The articles that I write are not meant to represent the company, nor are they meant to represent me as an employee or spokesman for the company. As has always been the case, all articles on this website represent me and nobody else.
**NOTE: All of the command line entries in this article are performed in PowerShell. To differentiate between the PowerShell cmdlets and Command Line Interpreter commands, the PowerShell cmdlets are in blue, and the Commands are in black.
In my new role I need a demo environment to be able to show my customers the technologies we are discussing. My company provided me with a pre-built demo environment, which is extremely helpful. The lab environment was built with the domain name CSS.Lab. I know I will be using this lab to connect it to a demo Microsoft 365 tenant, and I would like to be able to match the name of the tenant to name of my local domain. In order to do that, I need to rename my domain.
Before we go forward, I want to mention that while renaming your domain is supported, it is not a task to be taken lightly. It is a task that gets much more complicated as your environment grows, and will not be supported by all applications. For example, it is supported by Microsoft Exchange Server 2003, but not by later versions of Exchange. Be careful. If you have a lab environment, I strongly suggest you try it there before doing it in your production environment. If you do not have a lab environment, I strongly suggest you build a lab environment and try it there before doing this in your production environment.
In this article we will be renaming the domain CSS.Lab to Behike.ca.
The first step is to create the DNS zone. Domain Naming System is the backbone for Active Directory, without which nothing will work.
Add-DnsServerPrimaryZone -Name “behike.ca” -ReplicationScope Forest –PassThru
The result should look something like this. Note that it might look different, but these are the results you want:
ZoneName ZoneType IsAutoCreated IsDsIntegrated IsReverseLookupZone
——– ——– ——- – ————- ——–
behike.ca Primary False True F
The next step is to create a domain state file called Domainlist.xml which will contain your forest configuration. To do this, run the following commands:
cd\
md DomainInfo
cd DomainInfo
rendom /list
The file will be created in whatever directory you are in, so while you do not have to do it in the directory I chose, do not do it in a system directory.
We will now edit that file to reflect the new information. Open it with Notepad, and do a simple Replace to change the old domain name with the new. You will also have to replace the NetBIOS name. When you are done, it should look like this:
Remember, this was a new and pristine domain, so there were only three DNS entries and one NetBIOS entry. Your environment may be larger.
Now we want to show the intended changes, so enter the following command:
rendom /showforest
You should see something like this:
Now we need to upload the renaming instructions to the directory partition on the domain controller which holds the Operations Master role (remember your FSMO roles?). This will also freeze your ability to make changes to the forest until we are done. To do that, enter the following:
rendom /upload
This should return “The operation completed successfully” pretty quickly.
Next we will verify that each domain controller in the forest is ready. The following command will contact all of your DCs. If no errors are returned, you are ready to move forward. Type:
rendom /prepare
Hopefully you get the following results (with the only difference being the number of domain controllers)
So let’s do it:
rendom /execute
It won’t take too long, and you will see your directory service will be restarted. That means that you will be kicked out!
After the server is rebooted, you should be able to log on to the newly renamed domain. This is the logon screen I was presented with a couple of minutes after the last command:
I log in (my domain name may be different, but the accounts are not), and from my command prompt I check my device state:
dsregcmd /status
Now I am going to run a command to fix up my group policy… just to clean up any old links that may be lingering:
gpfixup /olddns:CSS.Lab /newdns:behike.ca
We have to do the same for the NetBIOS names as well:
gpfixup /oldnb:CSS /newnb:BEHIKE
We have to let your domain know that we are renaming this domain controller:
netdom computername dc1.css.lab /add:dc1.behike.ca
netdom computername dc1.css.lab /MakePrimary:dc1.behike.ca
After you do this, reboot your DC.
Now, just in case there is anything left over, let’s run a clean command to remove any lingering references to the old domain name:
rendom /clean
Now let’s unfreeze the forest configuration that we froze early in the process (when we ran rendom /upload)
rendom /end
So, we are mostly done. We are going to have to create a couple of records manually. Let’s start with an A Record for the domain controller:
Add-DnsServerResourceRecordA -Name DC1 -IPv4Address 192.168.2.52 -ZoneName behike.ca -TimeToLive 01:00:00
Okay, so that’s your A Record. However, your IP configuration is still set with the old DNS zone. We’ll change that with the following script:
$networkConfig = Get-WmiObject Win32_NetworkAdapterConfiguration -filter “ipenabled = ‘true’”
$networkConfig.SetDnsDomain(“behike.ca”)
$networkConfig.SetDynamicDNSRegistration($true,$true)
ipconfig /registerdns
Congratulations, you have renamed your domain. There may be a few minor remnants of the old, but all in all you should be good to go.
CONCLUSION
Renaming a production domain should only be done as a last resort. It is certainly doable if you follow the steps outlined herein, but remember: There be dragons here! Do this with great caution, and whatever you do, do not rush it. Plan it out, and you should be able to accomplish your goal.
The World According to Mitch 
Leave a Reply