Domain Controllers full computername wrong after upgrade

[Unhappy MacbbokOwner]

Hello -

long ago we upgraded our only domain controller (AD, DHCP, WINS) from
NT4 to Windows 2000, but forgot to remove the domain suffix on the NIC
before we did.

That resulted in the DC under Network Identification has a name of
computername.onedomain.com, and the Domain: otherdomain.local.

This gives long logon-times, with Errors 1053 and 1054 Source Userenv
and Error 15 AutoEnrollment on our XP SP2 clients, and some clients
loose connctions to network drives (only some, which puzzles me a bit,
but that might be related to something else).

As we are no longer a part of onedomain.com, we are now looking for the
easiest way to get rid of it, and only use the otherdomain.local. Is it
possible without reinstalling the domain controller? It could
temporarily be possible to add another DC if that would make it easier,
or upgrade the existing DC to 2003 but I am not sure if it is possible
to rename DC's running that.

Any and all suggestions are very welcome

 

[Herb Martin]

Hello -

long ago we upgraded our only domain controller (AD, DHCP, WINS) from NT4
to Windows 2000, but forgot to remove the domain suffix on the NIC before
we did.

That resulted in the DC under Network Identification has a name of
computername.onedomain.com, and the Domain: otherdomain.local.

The OFFICIAL Computer name is in the System Control Panel, i.e.,
computername.onedomain.com

Remove the one in the NIC->IP properties->DNS tab.

It is seldom necessary or even useful.

This gives long logon-times, with Errors 1053 and 1054 Source Userenv and
Error 15 AutoEnrollment on our XP SP2 clients, and some clients loose
connctions to network drives (only some, which puzzles me a bit, but that
might be related to something else).

As we are no longer a part of onedomain.com, we are now looking for the
easiest way to get rid of it, and only use the otherdomain.local.

The domain controller cannot change domains. (Without being DCPromo'd
to non-DC).

Is it possible without reinstalling the domain controller?

To remove a DC from a domain it must be DCPromo'd to non-DC and
then added to the other domain -- then you may (optionally) DCPromo'd
to a new DC on the new domain without re-installing the server.

It could temporarily be possible to add another DC if that would make it
easier, or upgrade the existing DC to 2003 but I am not sure if it is
possible to rename DC's running that.

A DC can be renamed while running if the domain is in Native+ mode.

A Domain cannot be renamed unless the FOREST is in Win2003 Forest
Functional Level.

 

[Unhappy MacbbokOwner]

Herb Martin skrev:

The OFFICIAL Computer name is in the System Control Panel, i.e.,
computername.onedomain.com

Yes, that is where I found it.

Remove the one in the NIC->IP properties->DNS tab.

There is nothing added there.

It is seldom necessary or even useful.


The domain controller cannot change domains. (Without being DCPromo'd
to non-DC).


To remove a DC from a domain it must be DCPromo'd to non-DC and
then added to the other domain -- then you may (optionally) DCPromo'd
to a new DC on the new domain without re-installing the server.


A DC can be renamed while running if the domain is in Native+ mode.

A Domain cannot be renamed unless the FOREST is in Win2003 Forest
Functional Level.

This is the only DC in the setup, so upgrading it to 2003 will allow me
to get the DC's name to correspond with the AD domain name?

Basically, what I am looking for is a fix/workaround to lower logon-time
until I send people off for summerholidays and I can rebuild the entire
domain.

 

[Herb Martin]

Herb Martin skrev:

This is the only DC in the setup, so upgrading it to 2003 will allow me to
get the DC's name to correspond with the AD domain name?

You will also need to change the Win2003 Server Native mode (the
highest) and change the Forest to Win2003 Forest Functional Level.

The changes to the functional levels are NOT automatic, you must
advance these manually (after all DCs are upgraded to Win2003.)

You really should have more than one DC if at all possible. Were
you to lose your only/last DC you would lose the entire domain, and
any child domains too.

Basically, what I am looking for is a fix/workaround to lower logon-time
until I send people off for summerholidays and I can rebuild the entire
domain.

Renaming a DC likely has NOTHING to do with logon times.

Most of the time, long logon times are due to having DNS setup
incorrectly.

Every internal computer must be set to use ONLY the DNS server set
which can resolve your internal resources, esp. your DCs.

All DCs should pass a complete "DCDiag /c" with no FAIL or WARN
messages.

 

[Kevin D. Goodknecht Sr. [MVP]]

Read inline please.

In

This is the only DC in the setup, so upgrading it to 2003 will allow
me
to get the DC's name to correspond with the AD domain name?

Basically, what I am looking for is a fix/workaround to lower
logon-time until I send people off for summerholidays and I can
rebuild the entire domain.

Here is just exactly what you need made especially for this sistuation... in
this KB you will find a template for a vbs script for changing the Primary
DNS suffix on a Windows 2000 Domain Controller.
257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623&sd=RMVP


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
Send IM: http://www.icq.com/people/webmsg.php?to=296095728
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Unhappy MacbbokOwner]

Kevin D. Goodknecht Sr. [MVP] skrev:

Read inline please.

In

Here is just exactly what you need made especially for this sistuation... in
this KB you will find a template for a vbs script for changing the Primary
DNS suffix on a Windows 2000 Domain Controller.
257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623&sd=RMVP

That was exactly it - logon-times are now measured in seconds, not
minutes. Thank you so very very much.

(And after fixing this I think my next project will be learning to
master Google - I spent days if not weeks with just about the exact same
search terms as the title of the KB, but never got it :-( )

 

[Kevin D. Goodknecht Sr. [MVP]]

Read inline please.

In

That was exactly it - logon-times are now measured in seconds, not
minutes. Thank you so very very much.

(And after fixing this I think my next project will be learning to
master Google - I spent days if not weeks with just about the exact
same search terms as the title of the KB, but never got it :-( )

It's called a disjointed namespace, and this doesn't come up as often as it
used to, since Win2k3 is not a suseptable to a disjointed namespace, and it
easier to fix because you can change the Primary DNS suffix on a Win2k3 DC
in the GUI. Win2k has to be done in the registry, so its better to use the
script.
The script also works on Win2k3, you just don't need it.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
Send IM: http://www.icq.com/people/webmsg.php?to=296095728
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Herb Martin]

(And after fixing this I think my next project will be learning to master
Google - I spent days if not weeks with just about the exact same search
terms as the title of the KB, but never got it :-( )

Read: "Google Hacks" from O'Reilly

Here are some keys:

| this | that matches either this OR that
~approximately match this
-not matching this
"match this phrase"
"match * phrase" with wildcards between
2000..2003 match range of numbers
"2000 | 2003 server" OR works inside quotes too
site:microsoft.com REALLY IMPORTANT trick, only matches as MS
site:gov matches any Gov site
filetypeDF major file types are frequently worth finding, PPT, PDF,
DOC, XLS etc
microsoft: microsoft "collection" whether at MS or elsewhere (linux:
mac: also)
+"exact match even when it would otherwise be approx."

Using Firefox addon "SearchWords" I have mnemonics for searching with
things like "site:microsoft.com" already added (less typing) so that typing
this in the URL Navigation bar will do the Google search (only) as MS and
find the
words etc listed:

m rename DC | domain 2000..2003
w does Wikipedia
a does Amazon
wx weather
(and about thirty more search engines)

I must type that "m" for Microsoft search 50-100 times per day.

Enjoy.