Active Directory Rename
Tonight I’m performing what is widely considered by most IT guys as the worst/scariest Active Directory based management operation… I’m renaming an existing domain name. This is a challenge, because one wrong command and I can screw up the entire domain causing a major nightmare for myself and users. Of course, the benefits outweigh the risk since I’ll have the network structure I really want AND will make management tasks a whole lot easier in the future.
However, as any good IT guy should know to do, I am taking a lot of precautions to prevent any headaches…
1. I’m having all clients shut down their systems in order to prevent any conflicts and stray connections from gumming up the process. It also gives me an exit strategy in case anything goes wrong.
2. I’m taking a full system image of the server OS drive just in case of a botched rename, so that I can quickly and easily restore the server in a worst-case scenario.
I’ll post the exact steps taken once I’ve completed the process so that others can know what works and what doesn’t, but for now, I’m using this tutorial as a guideline…
http://techrepublic.com.com/5208-6230-0.html?forumID=102&threadID=229757
Update: The upgrade was a smashing success and incredibly easy. The link above provides the exact steps that I followed with one exception: since I was only worried about ONE domain controller, I ran all the commands directly from the DC rather than hassle with a control station. When I get a chance, I’ll still post the exact steps that I followed.
In the meantime, here are some tips to make the process easier:
- If possible, shut down ALL clients and servers within the domain with the exception of the DCs and your “control station.” In my case, I had my laptop running with XP, but I didn’t end up using it for anything.
- Make a full backup (better yet, a Ghost image) of your DC’s system drive(s) in case of any catastrophe. If your clients and servers are shut down and you have a perfect backup, then you always have a fallback to make it all seem like it never happened in case of disaster.
- Follow the instructions in the link above step-by-step. Don’t skip them, and don’t assume they don’t apply to you… the exception is that the Exchange and Live Communications Server details can be skipped if you’re not using those in your environment.
- Boot up your clients and member servers a handful at a time… then without logging in, reboot them again. YOU MUST REBOOT THEM AGAIN, OR THEY WILL NOT DOWNLOAD THE NEW GROUP POLICY DETAILS!
- Once your systems have been rebooted, select the new domain name and log in as a domain user to test connectivity. Verify their computer name and DNS suffix listings.
- On your servers, go into Administrative Tools > Services and make sure that all the service logins are updated for things like SQL that might use a specific user account instead of the system account… the first couple of times your servers reboot, they’ll throw up event log warnings about services not starting.
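One way to find the services the last tip refers to, as an added example that is not part of the original post: the PowerShell below flags services whose logon account still names the old domain, in either DOMAIN\user or user@dns.suffix form. OLDCORP and oldcorp.local are placeholder names, the function name is hypothetical, and the sample service list is constructed so the script runs offline.

```powershell
# Added example: flag services whose logon account still references the old domain.
# OLDCORP / oldcorp.local are placeholder names, not values from the post.
function Find-StaleServiceLogon {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Service,   # object with Name, StartName, State
        [Parameter(Mandatory)] [string] $OldNetBios,           # old NetBIOS domain name
        [Parameter(Mandatory)] [string] $OldDnsName            # old DNS domain name
    )
    process {
        $logon = $Service.StartName
        if ([string]::IsNullOrEmpty($logon)) { return }        # no logon account recorded
        $stale = $false
        if ($logon -match '^(?<dom>[^\\]+)\\') {
            # DOMAIN\user form: compare the domain part, case-insensitively.
            # Built-in (NT AUTHORITY\...) and local (.\user) accounts never match.
            $stale = $Matches['dom'] -ieq $OldNetBios
        } elseif ($logon -match '@(?<suffix>.+)$') {
            # user@dns.suffix form: match the old DNS name or a child domain of it.
            $s = $Matches['suffix'].ToLower()
            $old = $OldDnsName.ToLower()
            $stale = ($s -eq $old) -or $s.EndsWith('.' + $old)
        }
        if ($stale) {
            [pscustomobject]@{ Service = $Service.Name; Logon = $logon; State = $Service.State }
        }
    }
}

# Constructed sample data standing in for a member server's service list.
$sample = @(
    [pscustomobject]@{ Name = 'MSSQLSERVER'; StartName = 'OLDCORP\svc_sql';           State = 'Stopped' }
    [pscustomobject]@{ Name = 'BackupAgent'; StartName = 'svc_backup@oldcorp.local';  State = 'Stopped' }
    [pscustomobject]@{ Name = 'Spooler';     StartName = 'LocalSystem';               State = 'Running' }
    [pscustomobject]@{ Name = 'W32Time';     StartName = 'NT AUTHORITY\LocalService'; State = 'Running' }
    [pscustomobject]@{ Name = 'LocalTool';   StartName = '.\toolsvc';                 State = 'Running' }
)

$sample |
    Find-StaleServiceLogon -OldNetBios 'OLDCORP' -OldDnsName 'oldcorp.local' |
    Format-Table -AutoSize

# On a real server, feed the live service list instead of the sample:
# Get-CimInstance Win32_Service |
#     Find-StaleServiceLogon -OldNetBios 'OLDCORP' -OldDnsName 'oldcorp.local'
```

Each service it reports needs its logon account re-entered in Administrative Tools > Services under the new domain name.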
