Renaming a domain controller is a common operation in many organizations, and it usually occurs when:
Domain controllers are decommissioned or promoted and renamed to maintain a naming convention.
Nota
It is important to note that domain controller names have a primary impact on administration, rather than client
access. Renaming a domain controller is an optional exercise, and the effects of renaming a domain controller should
be well understood before the domain controller is renamed.
Although you can use System Properties to rename a domain controller (as you can for any computer),
Active Directory and DNS replication latency might temporarily prevent clients from locating or authenticating (or
both) to the renamed domain controller. To avoid this delay, you can use the Netdom command-line tool to rename a
domain controller.
Task requirements
The following is required to perform the procedures for this task:
Or
Nota
After you rename your domain controller, you must manually update the File Replication Service (FRS) or
Distributed File System (DFS) Replication member object. This object must be updated with the new domain
controller name so that the domain controller can replicate SYSVOL. Because the FRS or DFS Replication member
object is not updated with the domain controller name automatically during the domain controller rename, we
recommend that you rename your server before you promote it to domain controller status.
You can use this procedure to rename a domain controller by using the Netdom command-line tool.
The netdom command updates the Service Principal Name (SPN) attributes in Active Directory Domain Services
(AD DS) for the computer account. This command also registers Domain Name System (DNS) resource records for
the new computer name. The SPN value of the computer account must be replicated to all domain controllers in
the domain, and the DNS resource records for the new computer name must be distributed to all the authoritative
DNS servers for the domain name. If the updates and registrations have not occurred before the removal of the
2
old computer name, some clients might not be able to locate this computer using the new name or the old name.
Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure. Consulte los
detalles relativos al uso correcto de las cuentas y pertenencias a grupos en Grupos predeterminados locales y de
dominio (http://go.microsoft.com/fwlink/?LinkId=83477).
To rename a domain controller using Netdom
1. Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and
then click Run as administrator. If the User Account Control dialog box appears, provide Domain
Admins credentials, if required, and then click Continue.
2. At the command prompt, type the following command to add the new domain controller name, and then
press ENTER:
Value Description
netdom computername Manages the primary and alternate names for a computer.
<CurrentComputerName> The current, or primary, fully qualified DNS name of the computer that you are
renaming.
<NewComputerName> The new fully qualified DNS name for the computer that you are renaming.
3. Type the following command to designate the new name as the primary computer name, and then press
ENTER:
Value Description
3 netdom computername Manages the primary and alternate names for a computer.
<CurrentComputerName> The current, or primary, fully qualified domain name (FQDN)of the computer that
you are renaming.
/makeprimary: Specifies that an existing alternate name should be made into the primary name.
<NewComputerName> The new name for the computer. The NewComputerName must be a FQDN. The
primary DNS suffix that is specified in the FQDN for NewComputerName must be th
same as the primary DNS suffix of CurrentComputerName, or it must match the DN
name of the Active Directory domain that is hosted by this domain controller, or it
must be contained in the list of allowed DNS suffixes that is specified in the msDS-
AllowedDNSSuffixes attribute of the domainDns object.
4
6. At the command prompt, type the following command to remove the old domain controller name, and then
press ENTER:
Value Description
netdom computername Manages the primary and alternate names for a computer.
<NewComputerName> The new FQDN that you added for the computer in step 2.
You can use this procedure to update the File Replication Service (FRS) or Distributed File System (DFS) Replication
member object after you rename a domain controller. This object must be updated with the new domain controller
name so that the domain controller can replicate SYSVOL.
5
For more information about this procedure, see article 316826 in the Microsoft Knowledge Base
(http://go.microsoft.com/fwlink/?LinkId=82821).
Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure. Consulte los
detalles relativos al uso correcto de las cuentas y pertenencias a grupos en Grupos predeterminados locales y de
dominio (http://go.microsoft.com/fwlink/?LinkId=83477).
To update the FRS member object
1. On the Start menu, point to Administrative Tools, and then click Active Directory Users and
Computers.
3. Expand the domain node, System, File Replication Service, and Domain System Volume (SYSVOL
share). The <DomainControllerName> objects below Domain System Volume (SYSVOL share) are the
FSR Member objects that correspond to domain controllers in the domain. Find the
<DomainControllerName> object that shows the old name of the domain controller.
4. Right-click the FRS Member object for the old name of the domain controller, and then click Rename.
6. To verify the name change, open ADSI Edit: On the Start menu, point to Administrative Tools, and then
click ADSI Edit.
View the fRSMemberReference attribute of the object CN=Domain System Volume (SYSVOL
share),CN=NTFRS Subscriptions,CN=<DomainControllerName>,OU=Domain
Controllers,DC=<DomainName> and confirm that the value in CN=<DomainControllerName> is the new
name.
1. On the Start menu, point to Administrative Tools, and then click Active Directory Users and
Computers.
6
3. Expand the domain node, System, DFSR-GlobalSettings, Domain System Volume, and Topology.
The <DomainControllerName> objects below Domain System Volume are the msDFSR-Member objects
that correspond to domain controllers in the domain. Find the <DomainControllerName> object that shows
the old name of the domain controller.
4. Right-click the msDFSR-Member object for the old name of the domain controller, and then click Rename.
6. To verify the name change, open ADSI Edit: On the Start menu, point to Administrative Tools, and then
click ADSI Edit.
You can use this procedure to rename a domain controller by using the System Properties graphical user interface
(GUI).
Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure. Consulte los
detalles relativos al uso correcto de las cuentas y pertenencias a grupos en Grupos predeterminados locales y de
dominio (http://go.microsoft.com/fwlink/?LinkId=83477).
3. Click OK to acknowledge that renaming the domain controller may cause it to become temporarily
unavailable to users and computers.
7 Nota
Renaming a domain controller in this way may result in Active Directory replication latency, making
more difficult for clients to locate or authenticate the domain controller under its new name.
4. Under Computer Name, type the new name, and then click OK.
6. If you are prompted, provide the user name and password for an account with Domain Admin or Enterprise
Admin credentials.