Rename Active Directory domain following Windows 2000 -> 2008 migration

Tags: active-directory, rename, windows-server-2000, windows-server-2008

I'm working with a site that needs an internal DNS domain rename. It currently has a DNS name of domain.abc.com and NT name of ABC. I'm trying to get to a DNS name of abctrading.com and NT name of ABCTRADING. Split DNS would be used.

The site originally ran from a single Windows 2000 domain controller hosting AD, file, print, DHCP and DNS services. There was no Exchange system in the environment. The 50 client PCs are all Windows XP with a handful of users using roaming profiles. All users are in a single OU and there are no group policy/GPOs.

I'm a Linux engineer, but have been trying to guide another group of consultants to reach a more suitable setup. With the help of this group, we were able to move the single Windows 2000 system to a set of Windows 2008 R2 servers separated into domain controller and file/print systems (virtualized). We are also trying to add an Exchange 2010 system to this mix. The Windows 2000 server was demoted and is no longer in the picture.

This is the tricky part, as the client wants the domain renamed and the consultants aren't quite sure how to get through it without another 32-40 hours of testing/implementation. They say that there's considerable risk to do the rename without a completely isolated test environment. However, this rename has to be done before installing Exchange. So we're stuck at this point.

I'd like to know what's involved in renaming the domain at this point. We're on Windows Server 2008. The AD is healthy now. Coming from a Linux background, it seems as though there should be a reasonable path to this. Also, since the original domain appears to be a child/subdomain, would that be a problem here?

I'd appreciate any guidance.

Best Answer

In my opinion 32-40 billable hours to perform the testing necessary for a domain rename in such a small infrastructure is insanely high.

The configuration you describe could be tested in an afternoon with a couple of physical "scratch" client computers, a virtual domain controller, and a virtual member server on an isolated LAN.

I'd start by obtaining a test domain controller by installing a VM connected to the LAN, joining it to the domain, and promoting it to a domain controller. I'd install a DNS server, mark it as a Global Catalog server, and set it to refer to itself for DNS. Once all AD replication completed I'd take a snapshot of the VM, and then demote it back to being a member server before removing it from the domain. This leaves the production AD domain in a state consistent with how it started.

I'd detach the VM host from the LAN (or otherwise isolate it), reboot the domain controller VM from the snapshot taken when it was still a DC and seize the FSMO roles to it. This gives you a DC "under glass" to work from. I'd join a couple of "scratch" client computers to the domain hosted by the DC in the isolated network, and bring up a test file server VM as a member server. Once I verified that the "domain under glass" functioned properly I'd proceed with taking snapshots (to give me a fall-back position to re-start testing) and start the domain rename testing.

Domain rename without an Exchange 2003 infrastructure to worry about isn't something you should be too scared of. It's reasonably well documented (others provide links in their answers that are reasonable) and is "supported" by Microsoft. As you've already noted, doing it before you deploy Exchange is important because this is your last chance to rename the domain.
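The lab procedure the answer walks through, as an added example that is not code from the question or the answer: it assumes the lab host names LABDC01 (the test DC booted from the snapshot) and LABFS01 (the test member server, used as the rendom control station), takes the old and new domain names from the question, and assumes Windows Server 2008 R2, which ships the ActiveDirectory module, rendom.exe and gpfixup.exe.

```powershell
# Added example (not the question's or the answer's code): the isolated
# "domain under glass" lab steps, scripted. Assumed names: LABDC01 = test DC
# booted from the DC snapshot, LABFS01 = test member server. Old/new names
# are the ones from the question. Run only on the isolated lab network.
Import-Module ActiveDirectory            # shipped with Windows Server 2008 R2

$LabDC      = 'LABDC01'                  # assumed name of the isolated test DC
$OldDns     = 'domain.abc.com'
$OldNetBios = 'ABC'
$NewDns     = 'abctrading.com'
$NewNetBios = 'ABCTRADING'

# --- On LABDC01 ------------------------------------------------------------
# 1. Seize the five FSMO roles. -Force seizes instead of transferring, since
#    the real role holders are unreachable once the VM host is off the LAN.
Move-ADDirectoryServerOperationMasterRole -Identity $LabDC -Force `
    -OperationMasterRole SchemaMaster,DomainNamingMaster,PDCEmulator,RIDMaster,InfrastructureMaster

# 2. Prove the lab DC owns every role, is a GC, and passes dcdiag before any
#    rename work starts; dcdiag /q prints only failures, so no output is good.
netdom query fsmo
Get-ADDomainController -Identity $LabDC | Select-Object HostName, IsGlobalCatalog
dcdiag /q

# 3. Pre-create the AD-integrated forward zone for the new name so the renamed
#    DC can register its SRV records there after the rename.
dnscmd $LabDC /ZoneAdd $NewDns /DsPrimary

# --- On LABFS01 (member server, the rendom "control station") ---------------
# 4. rendom /list writes Domainlist.xml describing the forest. Change the
#    domain's DNSname/NetBiosName; application-partition entries such as
#    DomainDnsZones.<domain> appear too, so review them against the MS guide.
rendom /list
[xml]$forest = Get-Content .\Domainlist.xml
$dom = $forest.Forest.Domain | Where-Object { $_.DNSname -eq $OldDns }
$dom.DNSname     = $NewDns
$dom.NetBiosName = $NewNetBios
$forest.Save((Join-Path $PWD 'Domainlist.xml'))
rendom /showforest                       # review the planned forest layout

# 5. The rename proper. Snapshot the DC between steps so a failed step can be
#    rolled back and retried, which is the whole point of the lab.
rendom /upload                           # push the instructions to the naming master
rendom /prepare                          # every DC must report ready here
rendom /execute                          # DCs reboot; then reboot members twice
gpfixup "/olddns:$OldDns" "/newdns:$NewDns" "/oldnb:$OldNetBios" "/newnb:$NewNetBios"
rendom /clean
rendom /end
```

Clients and the member server need two reboots after `rendom /execute` before they pick up the new name, which is exactly what the scratch client PCs in the lab are there to confirm.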