2003 Server domain rename...experiences...

Y

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
I've not done it, so far I've followed my preference of simply rebuilding the domain..as they've been small enough to justify the cleanliness of re-building/replacing a server, and taking the existing workstations..copying their old profiles to a neutral spot, joining the new domain, and copying in their old profiles.

However...I have a scenario coming up soon..where I think I won't have that luxury. 25 or so remote laptops that VPN in. So I may have to revert to doing a domain rename. (yeah..one of them has a domain in the .com convention...theirdomain.com :rolleyes: )

Single domains, no childs or anything like that.
No Exchange server yet...one is coming down the road...I plan on shoving SBS2K3r2 into the mix in a few months.
4x existing servers....all are 2K3...only 1x is DC...other 3x are just members, 1x for database (Progress), 1x for accounting apps (MAS90, Blackbaud), last one is antivirus management console/mirror)
Approx 60x clients.

Just looking for feedback.."yeah..done it many times..painless"....or "watch out for...<this>"
 
http://technet.microsoft.com/en-us/windowsserver/bb405948.aspx

I've used this guide once in the past and it went well. A few clients reported some DNS issues but after flushing it out everything went fine. The only thing is I didn't have any clients using VPN at that time so you may have to bring those systems in temporarily so they can receive the new login credentials and domain name.
 
side note....whats so bad about naming a domain thedomain.com?
 
marley1 said:
side note....whats so bad about naming a domain thedomain.com?
Click to expand...

The usual convention with 2000 and higher..has been to do "thedomain.local"
One of the reasons is, you get to use the companies registered name in the active directory, but instead of .com...using .local. Say they have a website, www.thedomain.com, and/or mail hosted at some webhost..mail.thedomain.com, the domain controller would think it owns them also, if it's active directory is thedomain.com, and workstations on the network would look at the server for the website or mail hosting. So you'd have to create a record in the servers DNS to point those names to the actual public IP address.
 
I plan on doing it this week. I have an urge to want to be "onsite" for this, rather than perform this remotely. Will be difficult to try to get onsite after hours though. Taking into consideration these points.....would it be OK to perform this during production hours...or should it really be done outside of production hours.

*4x servers...all are 2K3
*Currently only 1x of the servers is the DC, no additional DCs.
*Usually under 20x staff are "in the office and logged in" during production hours.
*No Exchange currently running..that will come afterwards when I introduce SBS to AD next week.
*Larger percentage of users are nurses rotating in and out...laptops..often not in the office for two to three days at a time. Good percentage of them VPN in.
 
YeOldeStonecat said:
I plan on shoving SBS2K3r2 into the mix in a few months.

*No Exchange currently running..that will come afterwards when I introduce SBS to AD next week.
Click to expand...

SBS has to be the root DC. It won't run otherwise. You will be redoing all your work again. Get standalone Exchange.
 
valkon said:
SBS has to be the root DC. It won't run otherwise. You will be redoing all your work again. Get standalone Exchange.
Click to expand...
There are a few ways you can get around that...

The copy of the profiles won't work unless you are going to hack together a roaming profile solution. The user SIDs won't match up from ild to new in the user.dat file.
 
valkon said:
SBS has to be the root DC. It won't run otherwise. You will be redoing all your work again. Get standalone Exchange.
Click to expand...

Correct...SBS has to be the root...the top dog. You can however, install SBS into an existing active directory....you run the SBS install and stop at first log into desktop...and do not continue with the actual setup of all the SBS components. You install DNS...join the domain....run DCPROMO (and forestprep if needed)...transfer the FSMO and catalog and all that stuff...let it sit a few days..and then you continue the install of SBS.

I've done this a couple of times...not a bad experience.

There are a few MS kb articles on it such as this one...
http://support.microsoft.com/kb/884453

Back to original topic...AD name changes...this road I've not gone down before.
 
YeOldeStonecat said:
I plan on doing it this week. I have an urge to want to be "onsite" for this, rather than perform this remotely. Will be difficult to try to get onsite after hours though. Taking into consideration these points.....would it be OK to perform this during production hours...or should it really be done outside of production hours.
Click to expand...

I like doing major surgery late on a Friday evening.
If I'm able to complete it, that's great.
If not, then I have the whole weekend to fix it. :)

Then I usually plan on being onsite again that following
Monday AM or at least make sure I'm available to do so.

Good luck with the project, I hope it goes well.

EDIT: Usually I have no problem asking a staff member of the biz to be available
to let me in after hours to complete major projects. There's no way I would do this
one in a live production environment.
 
I'm actually doing the exact same thing this weekend, for sort of the same reasons.

My domain has a .com extension because previous "IT guys" believed that in order to host a website, the DC had to share the name. They quickly moved the server offsite after nobody could access it reliably (Hmmmm, I wonder why.....retards).

I don't imagine it'll cause any real problems. I only have one DC, and no child domains, so I figure it'll just update all it's crap, I'll reboot the client machines, rejoin any stragglers, and be done with it.
 
I would stay away from SBS in your case. SBS can only handle 75 users and its scalability is crap IMO.
I moved from a SBS to a full 2003 r2 DC because of these limitations in growth (I used the 2003 transition pack)
IMO you should use 2003r2 instaed of sbs.
Renaming a domain isnt bad and win2k3 does it OK with out too much fuss.
Do it after hours and on site.
 
You must log in or register to reply here.
Back
Top