Microsoft has long been criticized for administrative inflexibility in some of its core products. You can't rename a Windows 2000 Server domain, and you certainly can't rename an Exchange 2000 Server organization after you've deployed servers. If you get things wrong, the only solution is to start over again, which is not an attractive proposition if you've deployed more than a few servers. However, with Windows Server 2003 and Exchange Server 2003 Service Pack 1 (SP1), Microsoft has provided two tools that allow you to rename a Windows 2003 domain and then make the necessary changes to Active Directory (AD) to support Exchange 2003 after the domain rename. These tools aren't for the fainthearted, and they're certainly not wizard-like in terms of usability and administrative friendliness. The tools require planning and testing before you can approach a rename operation with confidence, especially in a production environment. I'll provide an overview of how the tools work and point you to some additional resources to help you prepare for the extensive testing that you'll need to perform before you can rename a Windows domain that includes some Exchange 2003 servers.
Domain Renaming
Microsoft distributed the original version of the Windows Server 2003 Active Directory Domain Rename Tools on the Windows 2003 CD-ROM in a directory called \valueadd\msft\mgmt\domren. Confusingly, the name of the domain-rename tool executable is rendom.exe (rather than domren.exe). The version on the CD-ROM contains a bug, so you should download the latest installation kit from the Microsoft Web site and install it on the server from which you want to run the domain-rename process. In fact, there were a couple of earlier versions of Rendom, some that didn't work if Exchange was present in a forest and some whose documentation stated that Exchange was unsupported, so be sure to get the latest version right before you begin. The kit installs the files into the \program files\microsoft rename domain tools directory.
The domain-rename tool allows you to rename an AD domain, a task you might need to perform for one of many reasons. For example, after a corporate merger, divestiture, or voluntary company name change, you might want to rename a domain to reflect the new corporate name. Or, someone might have given a domain an incorrect name and partially deployed the infrastructure before anyone noticed the error. Domain renaming lets you fix the error.
However, domain renaming addresses only a subset of the potential issues that you might encounter in managing AD. For example, apart from the earlier problem with Exchange that Microsoft has now addressed (but only for Exchange 2003 servers), the domain-rename tool doesn't allow you to remove domains from or join domains to a forest, so physically separating or merging domains as a result of a corporate merger requires other approaches. You can't change the domain that's the root of the forest. Finally, you can't swap domains in one operation, so if you want to move one domain out of a forest and bring another one in to take its place (and reuse the name of the original domain), you have to perform a set of sequential operations in which you first rename the original domain and then rename the second domain. Naturally, such fundamental operations can be performed only if your account holds Enterprise Admin user rights (or Domain Admin rights in every domain in the forest) or you have access to an account with these rights.
Before renaming anything, check that all the applications and other components of your infrastructure can support the operation. Because not many installations have used the domain-rename tool, we just don't know which applications might cause problems, but some quite likely will. Don't assume that Microsoft has tested all its own applications either. Include application testing along with the other testing you plan to do as part of domain renaming and stay tuned to newsgroups and other sources of information to pick up details of problems with applications as others encounter them.
Exchange Domain Fix-Up
The domain-rename tool makes all the necessary changes in AD to rename a Windows domain, but because Exchange extends AD with some schema updates and makes extensive use of AD to store its configuration data, you shouldn't be surprised that some special processing is required to ensure that Exchange 2003 can continue to operate after a domain rename. Microsoft built the Exchange Domain Rename Fixup tool (xdr-fixup.exe) to do this processing. Microsoft released XDR-Fixup at approximately the same time as Exchange SP1, but it isn't part of the service pack. Instead, XDR-Fixup is a good example of a tool that Microsoft is providing in a "Web release." When you download XDR-Fixup from the Microsoft Web site, it's installed by default in the \program files\exchange server\exchange domain rename directory.
The name XDR-Fixup gives a clear indication of what the tool actually does: it fixes the Exchange settings in AD so that Exchange can continue working after a domain rename. The tool is a script that generates an LDAP Data Interchange Format (LDIF) load file that you manually import into AD to change attributes to point to the new domain name. You must use an account with Exchange Full Administrator permissions (at the organization level) to run XDR-Fixup successfully. You also need Local Administrator rights on the server on which you run the Rendom and XDR-Fixup tools (Microsoft refers to this computer as the control station in the documentation); otherwise, you won't be able to install the tools.
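A review check for the load file described above, run before the manual import (an added example, not part of the original article or of Microsoft's tools): it parses standard LDIF change records and lists values that still name the old domain, including ones a plain text search would miss because they are base64-encoded or folded across lines. The sample records, the attribute name hypotheticalLinkAttr, and the domain names are constructed.

```python
import base64

# Constructed sample, not real XDR-Fixup output; hypotheticalLinkAttr is made up.
# Record 2 hides the old name in base64, record 3 folds it across two lines.
OLD = "DC=old,DC=example"
_B64 = base64.b64encode(("CN=Store2," + OLD).encode()).decode()
def _rec(name, value_line):
    return ("dn: CN=%s,DC=new,DC=example\nchangetype: modify\n"
            "replace: hypotheticalLinkAttr\n%s\n-\n\n" % (name, value_line))
SAMPLE_LDIF = "version: 1\n\n" + "".join([
    _rec("Obj1", "hypotheticalLinkAttr: CN=Store1,DC=new,DC=example"),
    _rec("Obj2", "hypotheticalLinkAttr:: " + _B64),
    _rec("Obj3", "hypotheticalLinkAttr: CN=Store3,DC=o\n ld,DC=example"),
])

def unfold(text):
    """Join RFC 2849 continuation lines (a line starting with one space)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def parse_value(line):
    """Split 'attr: value' or 'attr:: base64' into (attr, decoded value)."""
    attr, _, rest = line.partition(":")
    if rest.startswith(":"):
        rest = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
    return attr, rest.strip()

def review_ldif(text, old_suffix):
    """Return (record count, [(dn, attr, value)] still naming old_suffix)."""
    count, findings, dn, op = 0, [], None, None
    for line in unfold(text):
        if line.startswith("#"):
            continue
        if line.strip() in ("", "-"):  # end of a record or of one operation
            op = None
            continue
        attr, value = parse_value(line)
        if attr.lower() == "dn":
            dn, count = value, count + 1
        elif op is None and attr.lower() in ("add", "replace", "delete"):
            op = attr.lower()
        elif op in ("add", "replace") and old_suffix.lower() in value.lower():
            findings.append((dn, attr, value))
    return count, findings
```

Calling `review_ldif(SAMPLE_LDIF, OLD)` reports the second and third records even though the old suffix never appears as a literal string in the file.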
XDR-Fixup isn't a magic fix for all the ailments that might afflict an Exchange organization, and it won't heal the effects of bad organizational design. You can't rename the Exchange organization, nor can you merge two Exchange organizations hosted by different AD forests into a single Exchange organization. Some people are vexed if the name of their Exchange organization doesn't match their company name (e.g., after a corporate name change), but they really needn't be concerned because the Exchange organization name is visible only to administrators and has no impact on more public elements of the messaging service, such as SMTP or X.400 email addresses. XDR-Fixup doesn't affect email addresses or any of the policies that Exchange implements through the Recipient Update Service (RUS).
Microsoft hasn't yet created the equivalent of the Exchange Server 5.5 Move Server Wizard tool that lets administrators move servers from one site to another or from one organization to another. An updated tool that could handle Exchange 2003 and Exchange 2000 servers would let administrators restructure and merge organizations, but its absence indicates that dealing with AD to move servers around is even more complicated than the brain surgery that you can apply to the Exchange 5.5 directory by using the wizard.