Exchange for Experts
Be The Master Of Your Domain Rename With Exchange
At a Glance:
- Preparing for a domain rename
- How to rename a domain
- Troubleshooting domain migrations
Systems administrators have always assumed that after you deploy a Microsoft Windows forest for your organization, its topology cannot be changed. Without potentially complex and time-consuming reinstalls and domain controller promotion or demotion operations, this was true, at least until the release of Windows Server™ 2003.
You might make such changes for political considerations, mergers, or acquisitions—but you shouldn't take it lightly.
A tool called rendom.exe in the \VALUEADD\MSFT\MGMT\DOMREN directory on the Windows Server 2003 CD, allows you to rename an Active Directory®
domain. There are certain limitations, however, which you can read about at Windows Server 2003 Active Directory Domain Rename Tools
Domain rename operations are a serious business and entail extensive planning and lab work before implement-ing this process in production. Domains can be renamed in place, or you can restructure the existing topology. Rather than provide a step-by-step guide, I'll offer an overview to help you decide if you want to proceed.
There are some prerequisites for domain rename operations from a Windows Server perspective, and more from a Microsoft® Exchange Server perspective. One specific Windows Server consideration is that Active Directory must be in Windows Server 2003 forest mode. This means that all domain controllers must be running Windows Server 2003, and the forest functional level needs to be changed using the Active Directory Domains & Trusts Microsoft Management Console (MMC) snap-in. Figure 1 shows the old and new domain structures.
Figure 1 Old and New Domain Structures
Unfortunately, from the time Windows Server 2003 was released until the release of Exchange Server 2003 SP1, some users of Exchange Server experienced problems after renaming one or more domains. The Exchange System Attendant service would not start and the domain had to be renamed with the original name, or Exchange Server reinstalled from backup. The Exchange Server 2003 tools download site now has an Exchange Server Domain Rename Fixup tool which allows Exchange Server to function after a domain rename.
When using the Exchange Server Domain Rename Fixup (XDR-fixup) tool, there are a number of Exchange Server prerequisites to consider:
- All Exchange Servers in the organization must be Exchange Server 2003 SP1 or later. This also means no Exchange Server 5.5 can exist in the org. This includes intra-org Certificate Authorities (CAs) and Site Replication Service; the Active Directory Connector (ADC) service supports only inter-org CAs.
- Exchange Server 2003 can only be installed on member servers, not on Domain Controllers (DC).
- Domain rename will not rename the Exchange Server org.
- Exchange domain rename will not let you merge two Exchange Server orgs (from different forests) into a single Exchange Server org.
- In other words, XDR-fixup does not replace or extend the functionality of the Windows Server 2003 domain rename tools. XDR-fixup is a script that modifies certain Exchange Server attributes after a domain has been renamed so that Exchange Server can function.
If you meet these prerequisites, have a solid reason for renaming one or more domains in your forest, and like to live on the edge, then the tool combination of rendom.exe and xdr-fixup could be useful to you. Take a look at the sidebar "Renaming a Domain
" for the steps involved.
Domain Controller Rename
Quite often companies that rename their domains will also want to rename their domain controller for consistency. If you do rename domain controllers, there are some minor extra steps that must be taken for full Exchange Server functionality. This is a separate process from renaming the domain. After the domain rename, your domain controllers will still have the old domain suffix. If the old domain was Contoso.com, after the random process all domain controllers in the renamed domain will still be called serverx.Contoso.com.
Member servers will have the new domain suffix, say serverx.NorthwindTraders.com. For more, see "Rename a domain controller" in Windows Server 2003 Server Help and Support Center, which is found at Start | Help | Support.
If you rename DCs, you must point the Recipient Update Service to the newly renamed domain controller. Until you update this configuration, the Recipient Update Service (RUS) will log warnings/errors 8033, 8201, 8284, 8264, and not function correctly. Choosing the domain controller for the RUS is easy using the properties of each RUS. Browse and select the new domain controller name. You can find more detailed instructions for working with the Exchange Recipient Update Service at How to work with the Exchange Recipient Update Service
If you have statically configured any DSAccess domain controllers via the Directory Access tab from server properties in Exchange System Manager, or directly in the registry, you will have to hardcode them again after they have been renamed. The old fully-qualified domain name (FQDN) of the server will be cached and will need to be updated after you rename domain controllers. The same goes for clients that might have global catalog servers configured in the registry.
Next, check the message queues on each Exchange Server. If messages appear to be stuck, stop the System Attendant service and the SMTP service on the server, and then restart them in any order. Renaming a domain will cause Content (full-text) Indexing to malfunction. However, the Exchange Server MSSearch Administration Tool (which you can download by visiting Downloads for Exchange Server 2003
) can be used to resolve this problem.
Occasionally the entire rendom/xdr-fixup process doesn't go smoothly. In these cases, the trace file generated by xdr-fixup has been useful. With this output file, you can search for errors such as "Did not convert attribute <attribute>:<attributevalue>". This file output, in combination with an ldifde.exe dump of the Exchange Server organization container, has led to successful Exchange Server functionality after the domain rename process.
And don't forget XDR-fixup—it can make life much easier. Although far from effortless, successful domain renaming is possible as long as certain requirements are met. Check out the additional resources for more information.
Steve Schiemann has been working with Exchange Server in Microsoft Product Support Services for over seven years. He is now on the Exchange Server administration specialty team.
© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited