"aftrshock" <> wrote in message
news:...
>
> Meinolf and Ace;
>
> thanks for the replies.
>
> The walkthru I followed did not mention resetting the DNS suffix nor
> creating a new zone; I thought that would be done with the rename.
>
> Most of my progress is on another bbs; essentially, what happened was
> exactly as you're describing.
>
> I did the rename, the domain broke, the GPs broke, DNS in its entirity
> broke, in essence, the functionality was gone. The only thing that
> worked was my TS servers into the system, and remote desktop from there,
> but no workstations could log on.
>
> After modifying the domain suffix on the DC, I also had to modify the
> domain suffix given in DHCP, which was run by the server.
>
> I think I will be making a full checklist of what all I would do if I
> were to do it again, in hopes that someone else undertaking this task
> would avoid the conflicts and issues I had.
>
> I tell you, there was nothing good about a financial institution losing
> $$$s by the minute because the web surfing took forever from an issue w/
> DNS, and having the fella breathing down my neck.
>
> All in all, it was sorted out in about an hour and a half, once I was
> physically there.
>
> I will post my steps in an update; for now its the weekend, and this
> was in my inbox.
>
> Thanks much for looking to help me and provide assistance to people;
> without these BBS's I never would've found ADSIedit, and without that, I
> coudlnt' have copied over all of the items (kerberos and ldap and all of
> these things I have no idea about) and reset them to work for my new
> domain.
>
Unfortunate this all occured. FWIW, I'm posting my blog on domain renames
below, if it will help any further, as a guideline for renames and what to
do to ensure all works. Yes, it is a big task, and glad you got it going,
for now.
================================================== ================================================== ==
================================================== ================================================== ==
Domain Rename Procedure and Notes:
First, are you sure you want to rename the domain? Read up on it first:
How Domain Rename Works:
http://technet.microsoft.com/en-us/l.../cc738208.aspx
Note: The Domain and Forest functional levels must be set to minimal 2003.
This means no Windows 2000 domain controllers can exist in the Forest. Also,
if you have Exchange 2003, make sure it is minimal SP1 in order to support a
domain rename. If Exchange 2000, either upgrade to 2003, or Exmerge all of
your mailboxes to PSTs, uninstall Exchange 2000, run the domain rename
operation, then reinstall Exchange 2000, and use Exmerge to pump the
mailboxes back in the user's newly created mailbox accounts.
How to raise domain and forest functional levels in Windows Server ...The
attribute is msDS-Behavior-Version on the CN=Partitions, CN=Configuration,
DC=ForestRootDom, DC=tld object. Value of 0 or not set=mixed level forest
....
http://support.microsoft.com/kb/322692
Also, if a PKI infrastructure was installed (Certificate Services), it will
need to be removed first prior to a domain rename:
How to decommission a Windows enterprise certification authority:
http://support.microsoft.com/kb/889250
819145 - Support WebCast Microsoft Windows Server 2003 Implementing an
Active Directory Domain Rename Operation:
http://support.microsoft.com/default...uct=winsvr2003
Windows Server 2003 Active Directory Domain Rename Tools:
http://technet.microsoft.com/en-us/w.../bb405948.aspx
Domain Rename – Rename a Windows 2003 Forest with Exchange 2003 installed
(ifyou don't have Exchange, you can ignore the Exchange part)
http://www.msexchange.org/tutorials/Domain-Rename.html
Domain Rename Part 1 - Setup
http://thelazyadmin.com/blogs/thelaz...00_-Setup.aspx
Domain Rename Part 2 - Renaming
http://thelazyadmin.com/blogs/thelaz...-Renaming.aspx
Domain Rename Part 3 - Exchange 2003
http://thelazyadmin.com/blogs/thelaz...ange-2003.aspx
Now if you have Exchange 2003, here is what you need as well:
Supplemental steps for using the Exchange Server Domain Rename Fixup tool
together with the Windows Server 2003 domain rename tools:
http://support.microsoft.com/kb/842116/
Domain Rename – Rename a Windows 2003 Forest with Exchange 2003 installed
http://www.msexchange.org/tutorials/Domain-Rename.html
Error messages encountered on renaming domain
http://support.microsoft.com/kb/891370
---
The following was quoted from:
http://technet.microsoft.com/en-us/l.../cc738208.aspx
Keep in mind after a rename procedure, the DC's Primary DNS Suffix is not
automatically changed to match the new domain name. You are required to
change the Primary DNS Suffix to match the new name. In other words, unlike
the names of member computers, the DNS names of domain controllers in a
renamed domain will remain unchanged. The domain controllers can be renamed
in a separate step, using a special domain controller rename procedure,
after the domain rename operation is complete. You must double-check ALL
domain members to insure that their Primary DNS Suffix matches the new
domain name.
257623 The DNS suffix of the computer name of a new domain controller may
not match the name of the domain after you upgrade a Windows NT 4.0 primary
domain controller to Windows 2000
http://support.microsoft.com/default...b;EN-US;257623
If Exchange 2007 is involved, it is not supported at this time. You must
uninstall Exchange 2007, then rename the domain, then reinstall Exchange
2007. I know it is easier said then done, but that seems to be the only
option at this time.
Exchange 2007 installed is not supported:
The Microsoft Exchange System Attendant service does not start on a
computer that is running Exchange Server 2007 after you rename a Windows
Server 2003 domain
http://support.microsoft.com/kb/925822
Exchange 2007 and Domain Rename
http://theessentialexchange.com/blog...in-rename.aspx
---
ADMT to migrate into a new forest/domain:
For 2003:
ADMT v3 Migration Guide
http://www.microsoft.com/downloads/d...displaylang=en
Active Directory Migration Tool v3.0
http://www.microsoft.com/downloads/d...displaylang=en
For 2008:
ADMT v3.1 Guide: Migrating and Restructuring Active Directory Domains
http://www.microsoft.com/downloads/d...displaylang=en
Active Directory Migration Tool version 3.1
http://www.microsoft.com/downloads/d...displaylang=en
Password Export Server version 3.1 (x86)
http://www.microsoft.com/downloads/d...displaylang=en
Password Export Server version 3.1 (x64)
http://www.microsoft.com/downloads/d...displaylang=en
Domain Migration Cookbook - Index and Cover:
http://www.microsoft.com/technet/pro.../cookintr.mspx
================================================== ================================================== ==
================================================== ================================================== ==
Ace
Similar Threads
Linear Mode
