On Windows 2000 DC, FQDN is different than AD Domain - DDN..

CarlC

Distinguished
Jun 16, 2005
1
0
18,510
Archived from groups: microsoft.public.win2000.active_directory (More info?)

I am consulting for a small company to attempt to resolve a problem.

Someone has done an in-place upgrade of an NT 4.0 DC to a W2K AD DC. The
Domain used in the Computer's Properties (Computer Name FQDN) was set to an
ISP's domain and was not changed before the upgrade (this computer is
multi-homed) was performed. Now this W2K DC has an inoperable DDNS since the
FQDN of this Computer is different that the AD Domain. Clients cannot locate
the DDMS Server to Register and the DC itself is not able to register SRV
Records (or even A Records).

This computer also hosts Exchange 5.5 (and the only reason Exchange seems to
work is that the Service Accounts, while AD Accounts, are still Local).

So given this situation, is there any method to now change the FQDN in the
System Properties of this W2K AD DC or must AD be removed first ????

Thanks for any advice,
--
CarlC
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi CarlC,

Forget everything else -- you need to concentrate on your DNS. You need to
have your DCs to host AD integrated DNS and reference only itself. From
there, have your clients point at the server. Finally stop and restart the
netlogon service to re-register the SRV records.

Bottom line, focus on the DNS of the server first and work to the edges
using NSLOOKUP to verify connectivity.

From there, use DCDIAG and NETDIAG to look fro replication problems.
--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
Chicago, IL

"CarlC" <CarlC@discussions.microsoft.com> wrote in message
news:6EB7963A-E498-4385-A510-A4C7658FF30D@microsoft.com...
>I am consulting for a small company to attempt to resolve a problem.
>
> Someone has done an in-place upgrade of an NT 4.0 DC to a W2K AD DC. The
> Domain used in the Computer's Properties (Computer Name FQDN) was set to
> an
> ISP's domain and was not changed before the upgrade (this computer is
> multi-homed) was performed. Now this W2K DC has an inoperable DDNS since
> the
> FQDN of this Computer is different that the AD Domain. Clients cannot
> locate
> the DDMS Server to Register and the DC itself is not able to register SRV
> Records (or even A Records).
>
> This computer also hosts Exchange 5.5 (and the only reason Exchange seems
> to
> work is that the Service Accounts, while AD Accounts, are still Local).
>
> So given this situation, is there any method to now change the FQDN in the
> System Properties of this W2K AD DC or must AD be removed first ????
>
> Thanks for any advice,
> --
> CarlC
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

What are they using for DNS? Is the DC itself a DNS Server?

The setup with the DNS name being different from the AD domain name is one of
the disjoint namespace configurations and is fully supported. I ran a fortune 5
company like that for almost 5 years with no issues with DNS when I left.

The main thing is that the DNS Host name is resolvable. The DDNS records for the
DC should be registering whereever you are pointing assuming the AD Domain Name
Zone Exists and is configured for dynamic updates.

Now if you simply want to get to a more "common" configuration, it is possible
to change the FQDN of a DC through a registry modification. However it may have
an impact on Exchange (I always hated Exchange on DCs) and you should probably
test this very well before doing it.

The registry value to change is called NV Domain and is located in the key

hklm\system\currentcontrolset\services\tcpip\parameters

You will want to reboot the DC after the change and verify that the SPNs and DNS
Hostname for the DC are changed on the DC's computer account in the directory.

I have done this multiple times in production however, the DCs were not running
any applications other than the DC functionality and WINS.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net


CarlC wrote:
> I am consulting for a small company to attempt to resolve a problem.
>
> Someone has done an in-place upgrade of an NT 4.0 DC to a W2K AD DC. The
> Domain used in the Computer's Properties (Computer Name FQDN) was set to an
> ISP's domain and was not changed before the upgrade (this computer is
> multi-homed) was performed. Now this W2K DC has an inoperable DDNS since the
> FQDN of this Computer is different that the AD Domain. Clients cannot locate
> the DDMS Server to Register and the DC itself is not able to register SRV
> Records (or even A Records).
>
> This computer also hosts Exchange 5.5 (and the only reason Exchange seems to
> work is that the Service Accounts, while AD Accounts, are still Local).
>
> So given this situation, is there any method to now change the FQDN in the
> System Properties of this W2K AD DC or must AD be removed first ????
>
> Thanks for any advice,