Give your Domain Controller a new name

June 30th, 2010 Lol

Renaming a machine that is a member of a Windows domain has become significantly easier with later versions of Windows. Back in the NT days, most people did this by removing the machine from the domain and rebooting, renaming the machine and rebooting, then adding the machine back to the domain and rebooting. Three reboots. A lot of mucking around. The reason is that renaming a computer that is a member of a domain is actually a two-stage process: the machine itself has to be renamed, and its computer account in AD also needs to be renamed to match. You could use the “netdom computername” command, which handles both steps in the correct way, or you could resort to the remove, rename, add back method described above.

I’m running Windows 2008 now and renaming a domain member is a trivial affair. Obviously you have to consider any other servers, services, etc. that may be referencing the server by its current name, but assuming that isn’t the case, all you generally need to do is go into the properties of the computer and rename it in the usual way, and the AD account work goes on in the background.

However, what if the machine you want to rename is one of your domain controllers? In NT days this was just impossible. Later on, the documented way to “rename” a DC was essentially to stand up another server with the name you wanted, add it to the domain, promote it to a DC, replicate AD (being careful to be sure the new DC had the GC role), and eventually, once you were sure everything was replicated across, demote the old DC and retire it; not an insignificant procedure.

Now though, in Windows 2008 if you try to rename a DC it will actually let you. You’ll notice you get a warning dialog advising you to check the other ways of renaming the machine as shown below, but if you click through the dialog it will still actually let you do it.

Now before you fire up the Remote Desktop Connection client and begin giving your DC a nice new moniker, you should take heed of the warning this dialog affords. Renaming a DC in Windows 2008 is certainly something that you will be allowed to do, but that does not mean it is a good idea, not in this way anyway. Personally, I wouldn’t rename your DC at all, but if you really must do it, then the only way you should is by using the aforementioned “netdom computername” command, with the netdom tool that is actually built into the OS. Netdom has been around in various guises for a few iterations of Windows, originally part of the administration tools pack, and its capability has improved slightly over time, but this post is not for listing the history of that tool, only to describe how to use it to rename your Windows 2008 domain controller.

In order to use this tool you must be a member of Domain Admins. Let us assume you have a DC called DC in the MYDOMAIN.LOCAL domain, and you want to rename it to NEWDC. To do this we have to go through three individual steps, and since netdom is a command-line tool you must first open a command prompt.

1. Add an alternative name for the DC.

NETDOM computername DC.MYDOMAIN.LOCAL /add:NEWDC.MYDOMAIN.LOCAL

The reason we do this is to update this computer’s service principal name (SPN) attributes in your AD and register DNS details for the new name. Since the computer is a domain controller, there are specific DNS records that Windows uses to advertise and locate the names and addresses of all your DCs and their respective roles. These have to be registered and replicated before you remove the old name, otherwise it is probable that some clients will be unable to find the DC with either name, old or new. Once you are sure replication has completed successfully, then:

2. Make the new name the primary for the machine/account:

NETDOM computername DC.MYDOMAIN.LOCAL /makeprimary:NEWDC.MYDOMAIN.LOCAL

And then restart the machine.

3. Finally, remove the old name by typing:

NETDOM computername NEWDC.MYDOMAIN.LOCAL /remove:DC.MYDOMAIN.LOCAL

At this point we just have to wait for (or invoke) another AD/DNS replication to ensure the changes are registered all the way through the domain, and that’s it: you’ve successfully renamed your 2008 domain controller.
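
The "once you are sure replication has completed successfully" gate between steps 1 and 2 can be checked rather than assumed. The script below is an added example, not part of the original post. It assumes PowerShell 2.0 or later in an elevated session on the DC, and the function name Test-AlternateNameReady is hypothetical.

```powershell
# Added example, not from the original post. Names are the post's DC / NEWDC / MYDOMAIN.LOCAL.
# Assumes PowerShell 2.0+ in an elevated session on the DC, as a Domain Admin, after step 1.
$OldFqdn  = 'DC.MYDOMAIN.LOCAL'
$NewFqdn  = 'NEWDC.MYDOMAIN.LOCAL'
$OldShort = $OldFqdn.Split('.')[0]

function Test-AlternateNameReady {   # hypothetical helper name
    $problems = @()

    # The alternate name must be recorded against the computer account.
    $names = & netdom computername $OldFqdn /enumerate:alternatenames 2>&1 | Out-String
    if ($names -notmatch [regex]::Escape($NewFqdn)) {
        $problems += "netdom does not list $NewFqdn as an alternate name"
    }

    # At least one SPN must carry the new name, otherwise Kerberos clients
    # asking for a ticket to NEWDC will not find the account.
    $spns = & setspn -L $OldShort 2>&1 | Out-String
    if ($spns -notmatch [regex]::Escape("/$NewFqdn")) {
        $problems += "no SPN registered for $NewFqdn"
    }

    # DNS must already answer for the new name (checked from this host's resolver only).
    try { [void][System.Net.Dns]::GetHostAddresses($NewFqdn) }
    catch { $problems += "DNS does not resolve $NewFqdn" }

    # Every replication link must be clean before the old name is retired.
    $links  = & repadmin /showrepl * /csv | ConvertFrom-Csv
    $failed = @($links | Where-Object { [int]$_.'Number of Failures' -gt 0 })
    foreach ($l in $failed) {
        $problems += "replication failing: $($l.'Source DSA') -> $($l.'Destination DSA') ($($l.'Naming Context'))"
    }
    return $problems
}

$result = @(Test-AlternateNameReady)
if ($result.Count -eq 0) {
    Write-Output "Checks passed; step 2 can proceed: NETDOM computername $OldFqdn /makeprimary:$NewFqdn"
} else {
    $result | ForEach-Object { Write-Warning $_ }
    Write-Output 'Do not run /makeprimary yet.'
}
```

The DNS check only proves that this host's resolver knows the new name, so repeat it from a client in another site before removing the old name in step 3.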