二年前,曾经同时更改过上海,北京,成都,广州这个地方的WINDOWS AD DC。
可能还会涉及,
现在可以完全看英文了。
大概流程还是有印象的。但上次从一个弃用的香港服务器上夺取FSMO权限,北京DC正在更改域名时断电的过程,都太 惊险刺激了。
细节慢慢再完善。。
How to Rename a Server 2008 Domain
Written by Allen White on. Posted in SBS2008/2011, Server 2008
IT Problem
If you need to rename you server 2008 or server 2008 r2 domain name then this is a quite a serious task, follow the step by step guide below on changing the domain name of your windows domain.
IT Solution
Before we start there are a few prerequisites
- Enterprise Administrator permissions are required.
- The forest functional level must be at least Windows Server 2003 or 2008, and all DC’s running at least Server 2003 .
- A DNS zone for the new domain must already be in place.
- The Rendom and Gpfixup tools must be copied to a domain member workstation to perform the rename . Its best not to run this from a DC.
- Have a read of the link below for details on requirements if you’re using DFS redirection, roaming profiles, running a CA, or Exchange Server.
http://technet.microsoft.com/en-us/library/cc794869%28WS.10%29.aspx
The domain rename is performed with the Rendom tool, which is installed with Active Directory when you dcpromo a server . Once this process is started, you must ensure that no changes are made to the forest configuration or active directory until complete.
1. Run “rendom /list” to generate a state file named Domainlist.xml. This file contains the latest forest configuration.
2. Then Edit the state file, changing the <DNSname> and <NetBiosName> fields to the the name for the new domain name.
3. Run “rendom /showforest” this shows what changes will be made..
4. Run “rendom /upload” to upload the rename instructions to the configuration directory partition on the domain controller holding the domain naming operations master role. changes are then replicated to all other DC’s in the forest. Once replicated to all DC’s, the rename instructions are ready ran. You can force replication by running the “repadmin /syncall” command.
5. Run “rendom /prepare” to verify the readiness of each domain controller in the forest to carry out the rename instructions. If all is well you should recive no errors back.
6. Run “rendom /do”, this checks the readiness of all DC’s, then preforms the rename action on each dc one by one. AD will not be available at this time. Once tis is done all dc`s will reboot.
( if this domain is a server 2008 R2 domain the command is “rendom /execute” instead of “rendom /do”. Thanks to Harish Vajja for the update .
7. Run “gpfixup” to refresh all intradomain references and links to group policy objects.
8. Reboot client computers and member servers twice to obtain new domain name. Because the GUID’s of the domain remain the same during the rename process, domain membership is not affected. The DNS suffix of the client machines will also be updated assuming the default option of “Change primary DNS suffix when domain membership changes” is enabled.
9. Run “rendom /clean” to remove references of the ancient domain name from Active Directory.
10. Run “rendom /end” to unfreeze the forest configuration and allow further changes. This was frozen during the rendom /upload step.
