You can use netdom to rename any computer, including a domain controller:
netdom computername <old fqdn> /add:<new fqdn>
netdom computername <old fqdn> /makeprimary:<new fqdn>
netdom computername <new fqdn> /remove:<old fqdn>
However, this will leave the attribute msDS-AdditionalDnsHostName with the old name. Check this in the ADUC attribute editor (or ADSIEDIT.msc).
Remove the old name and restart.
PS. This fixes not being able to re-use the old name on another computer. You get the error "The operation failed because SPN value provided for addition/modification is not unique forest-wide", and you will see the old domain name when you run setspn -l <oldname>. Performing the above attribute changes fixes this.
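The attribute check and cleanup described above can also be scripted. This is an added example, not part of the original post; it assumes the ActiveDirectory PowerShell module (RSAT) is available, and the function name and the NEWDC01/OLDDC01 names are hypothetical placeholders.

```powershell
#Requires -Modules ActiveDirectory
# Added example. Function name and the NEWDC01/OLDDC01 names are hypothetical.
function Remove-StaleAdditionalDnsHostName {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $ComputerName,  # current (new) computer name
        [Parameter(Mandatory)] [string] $OldName        # old short name, without DNS suffix
    )
    $attr = 'msDS-AdditionalDnsHostName'
    $computer = Get-ADComputer -Identity $ComputerName -Properties $attr, servicePrincipalName

    # Match the old name only: bare, with a trailing '$', or followed by a DNS suffix.
    # Anchoring keeps entries for a different host (e.g. OLDDC010) untouched.
    $pattern = '^' + [regex]::Escape($OldName) + '(\$|\.|$)'
    $stale = @($computer.$attr | Where-Object { $_ -match $pattern })

    if ($stale.Count -gt 0 -and
        $PSCmdlet.ShouldProcess($computer.DistinguishedName,
            "Remove $attr values $($stale -join ', ')")) {
        # -Remove deletes only the listed values and leaves any others in place.
        Set-ADComputer -Identity $computer -Remove @{ $attr = [string[]]$stale }
    }

    # Re-read the object and report what still refers to the old name.
    $spnPattern = '/' + [regex]::Escape($OldName) + '(\.|:|/|$)'
    $after = Get-ADComputer -Identity $ComputerName -Properties $attr, servicePrincipalName
    [pscustomobject]@{
        Computer                 = $after.Name
        RemovedValues            = $stale
        RemainingAdditionalNames = @($after.$attr | Where-Object { $_ })
        SpnsWithOldName          = @($after.servicePrincipalName |
                                        Where-Object { $_ -match $spnPattern })
    }
}

# Preview first, then run without -WhatIf and restart the machine as described above:
# Remove-StaleAdditionalDnsHostName -ComputerName 'NEWDC01' -OldName 'OLDDC01' -WhatIf
```

With -WhatIf nothing is written, and RemovedValues lists the entries that would be removed.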
Thanks, this saved me.
Although, I found that on other domain controllers, where I never renamed a DC, the msDS-AdditionalDNSName attribute does not even contain 1 entry. It is simply “not set” at all. So I tried just removing both entries and that worked as well to solve my “SPN value not unique problem.”
Saved my bacon!!!
There’s so much misinformation out there and I was lucky enough to stumble across your post.
Thank you, I was reading a lot of old info stating this couldn’t be done so glad to see you posted this. I had renamed a domain controller improperly and SPNs were being generated from the old name and couldn’t trace it down. This saved me a lot of time!