Rename a Domain Controller

Rename a Domain Controller KB ID 0001886

Problem

I’ve done a few migrating to {version} domain controller articles, and today I got asked,

How can you rename the “Server Name” back to the old one after migration? E.g. from “Lan-2025” to “Lan-2019”

So, as the VMs from the last article were still running on the test bench, I ran through it to demonstrate.

Solution: Rename a Domain Controller

If you would like to add a new Windows Server 2025 domain controller to an existing domain here is the procedure.

Note: If you are not changing the domain controller name to a previous one, and simply want to rename a DC to something else, skip to the final Rename a Domain Controller section below.

Rename a Domain Controller: Remove Stale DNS records

Never assume that demoting and removing the old DCs does a great job of tidying up DNS; it does not. So before we rename our new DC to the old DC name, let’s make sure there’s nothing ‘hanging about’ that needs to be cleaned up. You can of course go hunting for stale records manually and remove them, but why, when we have PowerShell? Typically a simple domain will have a “_msdcs.domain-name.domain-extension” and a “domain-name.domain-extension” forward lookup zone. (Your DNS server might have many forward lookup zones, so run through them sequentially.)

I’m starting with my _msdcs.test.net forward lookup zone. First I’m reading in ALL the DNS records for that zone.

[box]

$alldnsrecords = Get-DnsServerResourceRecord -ZoneName "_msdcs.test.net"

# View the results by simply calling that back
$alldnsrecords

[/box]

In my example there are not many records, and I can see there are none for the old DC name LAN-2019.test.net or for its IP address 192.168.110.10, so I’m skipping to the next step. Yours may have some; if so, you can delete them with the following commands:

[box]

$deadDC = $alldnsrecords | Where-Object {$_.RecordData.IPv4Address -eq "192.168.110.10" -or $_.RecordData.NameServer -eq "LAN-2019.test.net." -or $_.RecordData.DomainName -eq "LAN-2019.test.net."}

$deadDC | Remove-DnsServerResourceRecord -ZoneName "_msdcs.test.net"

[/box]

Let’s do the same for my normal domain forward lookup zone test.net.

[box]

$alldnsrecords = Get-DnsServerResourceRecord -ZoneName "test.net"

[/box]

As you can see (below), there are a few old records here for the LAN-2019.test.net server, and a few for its old IP address (192.168.110.10). WARNING: I’m making the assumption your DCs have static IP addresses and those IP addresses ARE NOT in a DHCP scope, or some clown HAS NOT issued the old IP to another server!

Let’s filter those records so we just see the ones we are interested in.

[box]

$deadDC = $alldnsrecords | Where-Object {$_.RecordData.IPv4Address -eq "192.168.110.10" -or $_.RecordData.NameServer -eq "LAN-2019.test.net." -or $_.RecordData.DomainName -eq "LAN-2019.test.net."}

[/box]

And we can remove them with the following command. (WARNING: add -WhatIf to the end of the command if you are nervous and want to check what will happen before proceeding; if you are happy, rerun the command without the -WhatIf switch.)

[box]

$deadDC | Remove-DnsServerResourceRecord -ZoneName "test.net"

[/box]
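
The zone-by-zone sweep described above can be scripted. This is an added example, not from the original article: it uses the article's lab values (LAN-2019.test.net, 192.168.110.10), the variable names are illustrative, and the CNAME (HostNameAlias) match is an addition the article's filter does not include.

```powershell
# Added example: preview stale records for a retired DC in every forward lookup zone.
# $OldDcFqdn and $OldDcIp are the article's lab values; replace them with your own.
$OldDcFqdn = 'LAN-2019.test.net.'   # trailing dot: record data stores absolute names
$OldDcIp   = '192.168.110.10'

# Primary forward zones only: skip reverse zones, auto-created zones and TrustAnchors.
$zones = Get-DnsServerZone | Where-Object {
    -not $_.IsReverseLookupZone -and -not $_.IsAutoCreated -and
    $_.ZoneType -eq 'Primary' -and $_.ZoneName -ne 'TrustAnchors'
}

$stale = foreach ($zone in $zones) {
    Get-DnsServerResourceRecord -ZoneName $zone.ZoneName | Where-Object {
        $d = $_.RecordData
        # A, NS and SRV data as in the article's filter.
        # CNAME data (HostNameAlias) is an assumption added by this example.
        "$($d.IPv4Address)" -eq $OldDcIp -or
        $d.NameServer    -eq $OldDcFqdn -or
        $d.DomainName    -eq $OldDcFqdn -or
        $d.HostNameAlias -eq $OldDcFqdn
    } | ForEach-Object {
        # Keep the zone with each record so it can be removed from the right zone later.
        [pscustomobject]@{ Zone = $zone.ZoneName; Record = $_ }
    }
}

# Review what matched before deleting anything.
$stale | ForEach-Object {
    [pscustomobject]@{
        Zone = $_.Zone
        Name = $_.Record.HostName
        Type = $_.Record.RecordType
    }
} | Format-Table -AutoSize

# Dry run: remove -WhatIf only after checking the list above.
foreach ($item in $stale) {
    $item.Record | Remove-DnsServerResourceRecord -ZoneName $item.Zone -WhatIf
}
```

If the old IP address has been reused by another host, its live A record will appear in the review table, which is the case the warning above is about.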

Rename a Domain Controller: Remove Stale Reverse DNS Records

Reverse DNS lookup zones typically are a lot easier to just do manually.

Rename a Domain Controller: Domain Cleanup

There should not be any need to do a metadata cleanup if the demotion and removal went smoothly, but there will probably be some junk left behind. I’ve demoted the old DC and removed it from the domain, but the computer object still remains (in a disabled state), so let’s remove that.

Also, there’s often an orphaned object in Active Directory Sites and Services for the old DC; let’s remove that too.
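
The same leftovers can be checked from PowerShell before deleting them. Added example, not part of the original article: it assumes the ActiveDirectory module (RSAT) is installed, uses the article's lab name LAN-2019, and the variable names are illustrative.

```powershell
# Added example: locate leftovers for a demoted DC and preview their removal.
Import-Module ActiveDirectory
$OldDcName = 'LAN-2019'   # the article's lab name; replace with your own

# 1. Computer account left behind after demotion and removal from the domain.
$computer = Get-ADComputer -Filter "Name -eq '$OldDcName'"
if ($computer) {
    $computer | Select-Object Name, Enabled, DistinguishedName
    if ($computer.Enabled) {
        # The article expects a disabled object; an enabled one may still be in use.
        Write-Warning "$OldDcName is still enabled; confirm it is retired before deleting."
    } else {
        $computer | Remove-ADObject -Recursive -WhatIf
    }
}

# 2. Orphaned server object under Sites in the configuration partition.
$configNC = (Get-ADRootDSE).configurationNamingContext
$servers  = Get-ADObject -SearchBase "CN=Sites,$configNC" `
    -Filter "objectClass -eq 'server' -and Name -eq '$OldDcName'"

foreach ($server in $servers) {
    # An NTDS Settings child (class nTDSDSA) means the DC was not cleanly demoted.
    $ntds = Get-ADObject -SearchBase $server.DistinguishedName -SearchScope OneLevel `
        -Filter "objectClass -eq 'nTDSDSA'"
    if ($ntds) {
        Write-Warning "$($server.DistinguishedName) still has NTDS Settings; do a metadata cleanup instead."
    } else {
        $server | Remove-ADObject -Recursive -WhatIf
    }
}
```

Both removals are dry runs; drop -WhatIf once the output shows only the objects you expect.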

Rename a Domain Controller

Finally! The process is simple: we add a secondary name to the domain controller (the old DC name), then we make that second name the primary name, reboot the server, and remove the unwanted server name. To add a new secondary name, open an administrative PowerShell window and use the following syntax.

[box]

netdom computername LAN-2025.test.net /add:LAN-2019.test.net

# Then, to view the results
netdom computername LAN-2025.test.net /enumerate

[/box]

Make the OLD DC name the primary name with the following command. The change needs a reboot to take effect, so follow it with Restart-Computer.

[box]

netdom computername LAN-2025.test.net /makeprimary:LAN-2019.test.net

Restart-Computer

[/box]

REMEMBER: at this point the old and new server names have swapped, so your commands will now assume that (in this case) LAN-2019.test.net is the name of the DC you are on. Once the server has rebooted, run the following.

[box]

netdom computername LAN-2019.test.net /enumerate

# Check the new name is listed first, then remove the unwanted name
netdom computername LAN-2019.test.net /remove:LAN-2025.test.net

# Finally, check again
netdom computername LAN-2019.test.net /enumerate

[/box]
