Here is a nifty trick I learned today: remotely renaming computers joined to a windows domain. Yes, yes – it seems trivial, but if you have ever considered doing it, you would quickly notice that there is no option for doing this in the Active Directory. Undoubtedly, it’s like that by design – probably because renaming a computer is such an annoying process in the windows world. If you want to do it, you need to reboot – there is just no way around it. So the renaming was kept local allowing the user to shield their machine from a BOFH with their own body until their data is saved an backed up.
Of course this is a major pain in the ass. For example, let’s say you are maintaining a network with an absolutely random naming scheme. You know what I’m talking about, right? It’s a network that went through hands of several admins in the recent years and each of them hand their own naming convention, as well as overall apathy toward actually enforcing it on all computers. So all the machines that got rebuilt, got named according to their scheme, while all the old ones were left alone. In the end you end up with a jumbled collection of names such as: MORDOR, GIMLI, MBISON, SAGAT, RUGBY, PF3DF39341, DHDFS3RD1, HERCULES, MUSKRAT, etc… Sooner or later you end up seeing one of these popping up somewhere and going “Dude, which machine was SAGAT again?”
Part of the problem here is that using imaginative names works great for servers, but not so well for regular workstations in a windows domain. Why? Think about it. Servers are invisible to regular users so they don’t talk about them. Only we geeks do. And we have a love/hate relationship with these beasts and we refer to them by these given names. So when someone says “Someone needs to go and reboot fucking hercules again!” everyone knows what is going on. Well, except for the users cause they never see the damn things.
Workstations on the other hand almost never retain such identities – at least not in corporate setting when they are regularly manhandled by barbaric luserati. In a regular office setting no one actually refers to the machine by its name. The computers are named according to function and/or the user. So it’s “the billing desk”, “the reception area”, “Joe’s computer”. No one actually knows that the billing desk is actually “mordor” and that Joe’s computer is “papa-smurf”. Not even the local IT crew, because these names never go into the support tickets. The computer name becomes absolutely meaningless because the actual identifier is whatever users call it.
So I got a crazy idea one day to actually take one of those jumbled networks and rename all the machines according to their function and/or location. This way if a name pops up in the logs, or if you want to ping a machine you don’t have to scramble for the network sheet to check the IP. You just ping “billing-desk”, “reception-desk” and etc. Of course renaming 20-something machines manually would be a major pain in the ass. Not to mention a time consuming project that would probably take more than a day to accomplish. Why? Because users don’t usually appreciate someone walking up to them and saying “excuse me, but can I interrupt your work and reboot your computer?”.
The best solution would be to do this auto-magically from the domain server and just wait for the user to reboot the computer on their own. Is there a way to do this? Yes there is. The tool you want is the netdom utility which is part of the Windows Server 2003 Service Pack 1 Administration Tools Pack. Once you install the pack, the task of renaming machines on your network becomes trivial. All you need to do is this:
netdom renamecomputer old_name /newname:new_name /userd:domain_admin_login /passwordd:domain_admin_pwd
You could also potentially tack on /reboot:seconds at the end of this command, where seconds is the number of seconds before the mandatory reboot. If you skip the reboot parameter however the change is going to occur next time the user reboots. This way you can blow through bunch of machines in no time, and the changes will take place whenever and wherever it is convenient. Needless to say, it is a neat trick and a nice admin tool to have available.
Small caveat: using this tool may sometimes cause the stupid “Windows cannot connect to the domain” glitch that I described here. So far this only happened to a single machine I renamed this way – most were just fine. Still, you should be on the lookout for that behavior and know how to deal with it when it crops up. Fortunately it is fairly easy to fix.
We actually use ghost to name PCs as the image is burned. This is convenient, but since the Ghost software is assigning names to PCs based on hashing attributes embeedded in NIC hardware and BIOS, etc. the only way to rename it is through Ghost itself. But it allows us to do batch imaging letting Ghost handle the naming. It makes life a little easier.