Hello, this is David. I’m a Principal Engineer at Dell, and in this video, I’m going to be covering how to properly rename an Active Directory Domain Controller. Renaming a DC is not something that has to be done very often, and the procedure is not difficult, but it can be a little tricky. It is very important that you make sure you have a good backup of at least one Domain Controller in your domain before trying to rename a DC, just in case something goes wrong.
This is especially important if your domain contains only a single Domain Controller, as a problem with that DC may result in the loss of the entire domain. And remember that a backup of a Domain Controller must include the System State. Some sources online state that you can rename a DC by going here and clicking 'Change', just like you would for any other domain-joined machine. But in my experience, that doesn’t always work. It can cause authentication problems, and in fact, I have seen those problems be extensive enough to where the Domain Controller required a full OS reinstall in order to once again process authentication requests.
So, we’re going to do it a different way using a series of 'netdom' commands. We’ll launch an elevated PowerShell prompt or Command Prompt; either one is fine. As you may have noticed, this DC is named '2022test'. I want to change its name to 'dc2'. It’s one of two DCs in this domain, with 'dc1' being the other one. Before we start the rename, it’s important to make sure that replication is working. So, we check 'repadmin /showrepl', and it shows success for all five partitions. Let’s check it in the other direction, and that shows success as well.
So, we know AD replication is working fine, and we can go ahead and proceed. The first command we want to run is 'netdom computername' and then specify the current name of the DC, which is '2022test.ad.domain.com', then '/add:' and the name that we want to change to, 'dc2.ad.domain.com'. This adds that name as an alternate name for the Domain Controller. We can confirm that by running 'netdom computername', the name of the DC, and '/enumerate'. That will list all names in use by the DC. We see '2022test' on top, then 'dc2'. Next, we want to run a slightly different command to make 'dc2' the primary name.
So basically, we’ll run the 'netdom computername' command with the '/makeprimary' switch. Everything else will be the same as in the first command; all we’re changing is 'add' to 'makeprimary'. The output of that command says, "Successfully made dc2.ad.domain.com the primary name for the computer. The computer must be rebooted for this name change to take effect." Until then, authentication probably won’t work. So now we need to reboot the DC, and we’ll do that with a 'shutdown' command. We’ll skip a bit here; we don’t need to show the entire boot process. Okay, and now we’re back. If we click on 'Local Server' here in 'Server Manager', we will see that the computer name of this DC is now 'dc2'.
So that name change is successful, but we’re not quite done because it’s still using its old name as an alternate name, and we want to get rid of that. So, there’s one more 'netdom' command we need to run: 'netdom computername', specify the new name of the DC, and then '/remove' and specify the old name. That removes the old name as an alternate name. We can run the 'enumerate' command again to confirm this, and we see 'dc2.ad.domain.com' is the only name in use.
Now let’s go to 'AD Sites and Services' real quick, and you’ll see that the new name shows up here. We’ll force replication in both directions and then use 'repadmin' again to confirm that that worked. Complete success there, and check the other direction—also complete success for all five partitions. So, the DC rename has completed successfully.
We have confirmed that replication still occurs, and that’s it. This DC is now named 'dc2.ad.domain.com'. Once again, my name is David, I'm a Principal Engineer at Dell, and thank you for watching.
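
The command sequence walked through in the video, consolidated into one PowerShell script with a replication gate before and after the rename. This is an added example, not part of the original transcript or Dell's own tooling; the `-Phase` parameter, the helper function names, the `/csv` replication check and the use of `repadmin /syncall` in place of forcing replication from AD Sites and Services are assumptions of this example.

```powershell
# Added example: two-phase DC rename following the transcript's netdom sequence.
# Run elevated on the DC being renamed, after taking a System State backup.
# Default names are the ones used in the transcript.
param(
    [ValidateSet('Rename', 'Cleanup')]
    [string]$Phase = 'Rename',
    [string]$OldFqdn = '2022test.ad.domain.com',
    [string]$NewFqdn = 'dc2.ad.domain.com'
)

function Assert-ReplicationHealthy {
    # 'repadmin /showrepl * /csv' emits one row per inbound replication link.
    $links  = repadmin /showrepl * /csv | ConvertFrom-Csv
    $failed = $links | Where-Object { [int]$_.'Number of Failures' -gt 0 }
    if ($failed) {
        $failed | Format-Table 'Source DSA', 'Destination DSA', 'Naming Context',
                               'Number of Failures' | Out-Host
        throw 'Replication failures present; resolve them before continuing.'
    }
}

function Invoke-Netdom {
    # Stop at the first netdom error instead of continuing with a half-renamed DC.
    param([string[]]$Arguments)
    & netdom.exe @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "netdom $($Arguments -join ' ') failed with exit code $LASTEXITCODE"
    }
}

if ($Phase -eq 'Rename') {
    Assert-ReplicationHealthy                                         # pre-check
    Invoke-Netdom 'computername', $OldFqdn, "/add:$NewFqdn"           # alternate name
    Invoke-Netdom 'computername', $OldFqdn, '/enumerate'              # expect both names
    Invoke-Netdom 'computername', $OldFqdn, "/makeprimary:$NewFqdn"   # swap primary
    shutdown /r /t 0                                                  # reboot required
}
else {
    # Run after the reboot, once the DC is back up under its new name.
    Invoke-Netdom 'computername', $NewFqdn, "/remove:$OldFqdn"        # drop old name
    Invoke-Netdom 'computername', $NewFqdn, '/enumerate'              # expect new name only
    repadmin /syncall /Ae                                             # pull, all partitions
    repadmin /syncall /AeP                                            # push, all partitions
    Assert-ReplicationHealthy                                         # post-check
}
```

Run it once with `-Phase Rename`, let the DC reboot, then run it again with `-Phase Cleanup`.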