If you would like to read the other parts of Domain rename with Exchange Server 2003, please go to:
1. At WS1, log in as Contoso Domain Administrator.
2. Launch "Command Prompt", enter "rendom /list".
Figure 12: rendom /list
Using "rendom /list" generates the naming contexts in the forest into a file.
3. Enter "copy Domainlist.xml Domainlist-save.xml".
Figure 13: Copy the Domainlist.xml
4. Enter "notepad domainlist.xml".
Figure 14: Before modifying Domainlist.xml contents
5. I need to modify the following application directory partitions
DomainDNSZones.Contoso.com
ForestDNSZones.Contoso.com
NetBios Name
Before Editing:
<?xml version ="1.0"?>
<?xml version ="1.0"?>
<Forest>
<Domain>
<!-- PartitionType:Application -->
<Guid>f9bb573e-99ae-40c6-9488-af941aedc41a2</Guid>
<DNSname>ForestDnsZones.Contoso.com</DNSname>
<NetBiosName></NetBiosName>
<DcName></DcName>
</Domain>
<Domain>
<!-- PartitionType:Application -->
<Guid>a1509593-ac8e-4639-bb55-623273d198f4</Guid>
<DNSname>DomainDnsZones.Contoso.com</DNSname>
<NetBiosName></NetBiosName>
<DcName></DcName>
</Domain>
<Domain>
<!-- ForestRoot -->
<Guid>555c22d8-7e5b-4ecd-b620-e859a71ef42c</Guid>
<DNSname>Contoso.com</DNSname>
<NetBiosName>CONTOSO</NetBiosName>
<DcName></DcName>
</Domain>
</Forest>
After Editiing:
<?xml version ="1.0"?>
<?xml version ="1.0"?>
<Forest>
<Domain>
<!-- PartitionType:Application -->
<Guid> f9bb573e-99ae-40c6-9488-af941aedc41a2</Guid>
<DNSname>ForestDnsZones.fabrikam.com</DNSname>
<NetBiosName></NetBiosName>
<DcName></DcName>
</Domain>
<Domain>
<!-- PartitionType:Application -->
<Guid> a1509593-ac8e-4639-bb55-623273d198f4</Guid>
<DNSname>DomainDnsZones.fabrikam.com</DNSname>
<NetBiosName></NetBiosName>
<DcName></DcName>
</Domain>
<Domain>
<!-- ForestRoot -->
<Guid>555c22d8-7e5b-4ecd-b620-e859a71ef42c </Guid>
<DNSname>fabrikam.com</DNSname>
<NetBiosName>FABRIKAM</NetBiosName>
<DcName></DcName>
</Domain>
</Forest>
Figure 15: After modifying Domainlist.xml contents
6. Save and close the "Domainlist.xml".
7. At "Command Prompt", enter "rendom /showforest".
Figure 16: rendom /showforest
Using "rendom /showforest" reviews the new forest description in domainlist.xml.
8. Enter "rendom /upload".
Figure 17: rendom /upload
Using "rendom /upload" uploads the configuration of the domainlist.xml to the Domain Naming Master.
9. Enter "notepad dclist.xml".
Figure 18: Domain rename initial state
All domain controllers in this forest have been initialized to the initial state.
10. Back to "Command Prompt", enter "notepad DNSRecords.txt".
Figure 19: DNSRecords contents
These DNS records are uploaded to the Domain Naming Master DNS server.
11. Close "DNSRecords.txt" and "dclist.xml".
12. At "Command Prompt", enter "adsiedit.msc".
13. Right-click "ADSI Edit", select "Connect to".
14. Next to "Select a well known Naming Context", select "Configuration".
15. Next to "Select or type a domain or server", type "dc1.contoso.com".
16. Click "OK".
17. Expand "Configuration [DC1.contoso.com] > CN=Configuration,DC=Contoso,DC=com > CN=Partitions".
18. Right-click "CN=Partitions", select "Properties".
19. Select "msDS-UpdateScript", click "Edit".
20. Ensure the NTDSAscript opType="renamedomain".
Figure 20: msDS-UpdateScript attribute
21. Click "Cancel" twice.
22. Close "ADSI Edit".
23. Back to "Command Prompt", enter "Dsquery server -hasfsmo name".
Figure 21: Dsquery server -hasfsmo name
Remark: "Dsquery server -hasfsmo name" helps you to find the Domain Naming Master server.
24. Enter "repadmin /syncall /AedPq DC1".
Figure 22: Replicate all Active Directory partitions
25. Go to DC1, log in as Contoso Domain Administrator.
26. Click "Start > Run", enter "dnsmgmt.msc".
27. Expand "DC1 > Forward Lookup Zones > _msdcs.fabrikam.com".
28. Verify the "dc" and "gc" domain whether the domains were uploaded.
29. If the domains are not uploaded, perform step 30 - 33.
30. Right-click "_msdcs.fabrikam.com", select "New Domain".
31. Type "gc", click "OK".
32. Right-click "_msdcs.fabrikam.com", select "New Domain".
33. Type "dc", click "OK".
Figure 23: _msdcs.fabrikam.com zones data
The "_msdcs.fabrikam.com" will generate the sub-domains automatically.
34. Back to the "Command Prompt" of WS1, enter "rendom /prepare".
Figure 24: rendom /prepare
Remark: Ensure the firewall isn't enabled when "rendom /prepare" is running.
35. Enter "notepad Dclist.xml".
Figure 25: Domain rename prepared state
All domain controllers in this forest have been changed to the "Prepared" state.
Remark: Ensure all domain controllers in "Prepared" state before running next step.
36. Close Notepad.
37. At "Command Prompt", enter "rendom /execute".
Figure 26: rendom /execute
38. All domain controllers will reboot automatically.
Figure 27: A domain controller is being restart
39. Still in "Command Prompt", enter "notepad Dclist.xml".
Figure 28: Domain rename done state
All domain controllers in this forest have been changed to the "Done" state.
Remark: If, on the other hand, a fatal or irrecoverable error is encountered on a DC while attempting to execute the domain rename instructions, the corresponding state for the domain controller entry in the state file will be uploaded to read <State>Error</State>. For the Error state, the error code is written to the last error field <LastError></LastError> and a corresponding error message is written to the <FatalErrorMsg></FatalErrorMsg> field.
If you determine that an error that has caused a DC to reach the Error state in the dclist.xml file is actually a recoverable error and you feel that forward progress cab be made on that DC by retrying the execution of the domain rename instructions, you can force the "rendom /execute" command to retry issuing the RPC to that DC (instead of skipping it) as described below.
1) In the "dclists.xml", locate the <Retry></Retry> field in the domain controller entry for the DC that you believe should be retried.
2) Edit the "dclist.xml" file such that the filed reads <Retry>yes</Retry> for that entry.
3) Type "rendom /execute" and press [Enter].
40. After all domain controllers restart finished, at DC1, log in as Fabrikam Domain Administrator.
41. Launch "Command Prompt", enter "repadmin /syncall /AedP".
42. Enter "repadmin /syncall /Aed".
43. Restart the WS1 2 times.
44. At WS1, log in as Fabrikam Domain Administrator.
45. Click "Start", right-click "My Computer", select "Properties".
46. Select "Computer Name" tab, verify the Domain and Computer name.
Figure 29: The computer name of WS1
47. Click "Cancel".
48. Launch "Command Prompt", enter "xdr-fixup /s:Domainlist-save.xml /e:Domain;ist.xml /trace:Tracefile /changes:changescript.ldf /restore:restorescript.ldf"
Figure 30: XDR-Fixup
Using "XDR-fixup" generates the files for updating Exchange configuration.
49. At WS1, immediately log off and log in as Fabrikam Domain Administrator.
50. Launch "Command Prompt", enter "ldifed -i -f changescript.ldf"
Figure 31: Apply the changes to the Active Directory
51. Restart all Exchange Servers 2 times.
52. Back to the "Command Prompt" of WS1, enter "rendom /end".
Figure 32: rendom /end
53. Enter "gpfixup /olddns:Contoso.com /newdns:fabrikam.com /oldnb:Contoso /newnb:fabrikam /dc:dc1.fabrikam.com 2>&1 > gpfixup.log.
Figure 33: Fix the group policy for new domains
Remark: /dc:DcDnsName must be the PDC emulator of the domain controller.
Remark: The command line parameters /oldnb and /newnb are only required if the NetBIOS name of the domain changed, otherwise, these parameters can be omitted from the command line for Gpfixup.
54. Enter "Repadmin /syncall /AedPq dc1.fabrikam.com dc=fabrikam,dc=com".
Figure 34: Replicate all domain partitions to other domain controllers
55. Reboot all workstations and member servers twice with the domain renamed.
56. When all member servers and workstations restart finished, enter "rendom /clean".
Figure 35: rendom /clean
57. Restart all domain controllers in this forest.
Cleanup after domain rename
1. At DC1, log in as Fabrikam Domain Administrator.
2. Launch "DNS Manager", expand "DC1 > Forward Lookup Zones".
3. Right-click "Contoso.com", select "Delete".
4. Click "Yes" twice.
5. Right-click "_msdcs.contoso.com", select "Delete".
6. Click "Yes" twice.
7. Close "DNS Manager".
8. Click "Start", right-click "My Computer", select "Properties".
9. Select "Computer Name" tab, click "Change".
10. Click "OK".
11. Click "More".
Figure 36: Primary DNS suffix of this computer
12. Next to "Primary DNS suffix of this computer", type "fabrikam.com".
13. Click "OK" four times.
14. Restart the domain controller.
Remark: You may need to change the primary dns suffix in other domain controllers.
15. At DC1, log in as Domain Administrator.
16. Launch "Group Policy Management Console", you may get the following error:
Figure 37: Group Policy Management Console error
17. Select "Remove this domain from the console", click "OK".
18. At "Group Policy Management Console", right-click "Group Policy Management", select "Add Forest".
19. Next to "Domain", type "fabrikam.com".
20. Click "OK".
Figure 38: Fabrikam.com's Group Policy Management
21. Expand "Forest: fabrikam.com > Domains > fabrikam.com > Group Policy Objects".
22. Right-click "DNS suffix rename", select "Delete".
23. Click "OK".
24. Close "Group Policy Management Console".
25. Launch "ADSI Edit", expand "Domain [dc1.fabrikam.com] > DC=fabrikam,DC=com".
26. Right-click "DC=fabrikam,DC=com", select "Properties".
27. On the "Attribute Editor" tab, select "msDS-AllowedDNSSuffixes", click "Edit".
28. Remove the value "fabrikam.com", click "OK" twice.
29. Close "ADSI Edit".
This is the end of Domain rename with Exchange server 2003
Reference:
Information about configuring Active Directory domains by using single-label DNS names
What is Domain Rename
How Domain Rename works
Domain Rename - Rename a Windows 2003 Forest with Exchange 2003 installed
This posting is provided “AS IS” with no warranties, and confers no rights!
No comments:
Post a Comment