If you promoted your server to a domain controller, you won’t be able to change the hostname for Windows Server Domain Controller without inputting commands in the command prompt. Basically, you need to open the command prompt, add a new alternate hostname, make the domain controller your primary hostname, reboot your server, and then remove the old hostname. This is useful if the server’s hostname was not changed before the server gets promoted as a domain controller. The order of commands along with the syntax is as follows:
netdom computername oldcomputername.yourlocaldomain.lan /add:newcomputername.yourlocaldomain.lan
netdom computername oldcomputername.yourlocaldomain.lan /makeprimary:newcomputername.yourlocaldomain.lan
shutdown /r /t 0
netdom computername newcomputername.yourlocaldomain.lan /remove:oldcomputername.yourlocaldomain.lan
- The command to execute.
- Old hostname (example:
- Local domain name (example:
- New hostname (example:
- Adds a new hostname to the domain controller as an alternate hostname. For this example,
newcomputername will be added as an alternate hostname for the domain controller.
- Makes a hostname a primary name for the domain controller.
newcomputername will be the primary name for the domain controller and the
oldcomputername will be the alternate hostname for the domain controller.
- Deletes the hostname from the domain controller. In this case, the
/remove flag removes the
oldcomputername from the domain controller.
- Although not shown in the order of commands above this list of commands, parameters, and flags, this will enumerate the list of hostnames assigned to the domain controller. This flag does not require a parameter, so the colon after the enumerate flag is not needed.
shutdown /r /t 0
- This command reboots the server (hence,
/r) immediately (
/t 0. The
/t 0 flag and parameter is a timer.
- Not shown in the list of commands above. This command runs a diagnostic for the domain controller to make sure everything in the domain controller is working fine. There might be some errors and warnings, but if computers can login to the domain controller, it should be fine.
Because I did not know the commands myself, I must give credit to “The ICT Guy” (Twitter profile) for writing an article titled Correctly renaming a Domain Controller for a seamless easy migration. That article has been of great help to me since I am testing Windows Server 2016 Essentials edition as part of my virtual homelab setup. For example, I wanted to test the domain joining functionality in macOS and test an Active Directory integration in Nextcloud using an LDAP/AD integration app. LDAP stands for Lightweight Directory Access Protocol and is used for managing users and groups.
I hope I can be of help to Windows administrators.
When creating Linux containers for the purpos of joining them to an Active Directory Domain Controller, make sure the checkbox after the “Unprivileged Container” is unchecked. The “unprivileged container” checkbox is after the “Hostname” edit box. Unprivileged Linux containers won’t be able to join to an Active Directory. Essentially, I forgot to uncheck the “Unprivileged Container” and wasted hours of my time, but I consider time well spent when learning the hard way.
Proxmox has “Unprivileged Container” checked by default when creating a new Linux container. That option cannot be changed once a Linux container is created, so the Linux container will have to be deleted in order to start from scratch with “Unprivileged Container” unchecked.
Skip ahead to Long Version section for more details.
Who Is This Article For?
This article is for anyone who has experience with Proxmox. Proxmox is a Linux distribution and it comes with a web interface for running and managing virtual machines and Linux containers. This link will take you to the web page that explains how virtual machines and Linux containers work. The “long version” also mentions SSSD when I was troubleshooting issues while attempting to log into an Active Directory. System Security Services Daemon (SSSD, for short) is what enrolls a Linux client to an Active Directory. A “daemon” in Linux is another name for “services” in Windows that runs in the background. This article is intended for advanced Linux users only.
I wanted to see if I can implement Active Directory functionality without needing Windows Server operating system. A software called “Samba” lets me do just that, so I followed instructions on getting Samba’s Active Directory Domain Controller (AD-DC, for short) up and running. I set this up in a privileged Linux container. The reason why Linux containers need to have privileges is because when I did a search for “setresgid failed [Invalid argument]” (without quotes) in StartPage, I came across a page in GitHub titled Cannot log in with Active Directory users via SSSD on Proxmox #3153. That was when I created a new Linux container and I forgot to uncheck the “Unprivileged Container” checkbox. I did a lot of troubleshooting when I looked into
graysonpeddie.lan is my local domain name for my home network. This web page explains how to setup a Linux client for joining to a Samba domain. From what I have learned, if I execute an
id command in my Linux client:
uid=1451201106(gpeddie) gid=1451201104(grayson peddie) groups=1451201104(grayson peddie),1451200513(domain users)
According to the GitHub page that I linked earlier, the maximum user ID and group ID (UID and GID for short) is 65536 for an unprivileged Linux container. Within the issue page, the max UID and GID can be changed to 1000000000 or something higher. However, as this is for experienced Linux users who know the inner workings of Linux containers, the moral of the story is that “Unprivileged Container” needs to be unchecked in order for domain joining to work.
Bear in mind that privileged containers are not safe for businesses when it comes to attackers exploiting privileged Linux containers. And yes, it’s all about vulnerabilities and exploits when it comes to escaping Linux containers and causing damage to the host; however, for homelab purposes, a privileged Linux container is fine for my needs. If you are concerned about the security of Linux containers, spin up virtual machines instead of Linux containers in Proxmox. Of course, depending on your security hygiene, virtual machines can be as unsafe as privileged and unprivileged Linux containers if you do not have security precautions in place. For more details, learn more about privileged and unprivileged containers.
Update as of Thursday, October 27, 2022 at 10:00 AM EST
Ah… Just one small mistake. I forgot to properly close a heading-level 4 tag (H4) in the “Long Version” section. Yikes. Fixed.
- From your smartphone (not your desktop or laptop computer), open the Uber application.
- Tap Account. The Account button is located at the bottom right of your smartphone’s screen.
- Tap your avatar to the right of your name.
- Tap your email address to change your email address. Skip to step 6 if you do not make use of unique email addresses for every account that you signed up for.
- Once you change your email address, tap Update. Go into your email account and look for an email from Uber. Enter the verification code that Uber gave you.
- Tap your password. You will need to verify your password first before you generate your new password from a password manager.
And you are done! Congratulations! You have successfully changed your unique email address and password! Stay safe!
Cannot Change Email Address and Password in Uber’s Website
If you are like me, you watched a video about Uber Has Been Hacked and you have a unique email address and unique password assigned to your Uber account. If you make use of a password manager such as Bitwarden or KeePassXC but do not have more than one email address, that’s okay and unique passwords are important anyway. Password managers saved me from re-using passwords and I cannot remember hundreds of passwords.
So you learned about Uber that got hacked and we all know that we should change our passwords, correct? For no reason, Uber won’t let me change my email address and password in their website. I have to change that in an Uber app in my smartphone. And yes, I went into my profile after I sign into Uber’s website and there is no way to change both my email address and password!
The Only Way To Change Important and Sensitive Information?
That’s right! Your smartphone! If you need to change your email address and password, you must open the Uber app in order to change what you need to change. And you know what? My computer is a lot more convenient than my smartphone. Why? Physical keyboard, a mouse, and a large monitor. I have to have my smartphone very close to me due to my visual impairment and the use of my smartphone can hurt my back. It would be nice if I could connect my smartphone to a dock and use my computer monitor, mouse, and keyboard to control my smartphone. That reminds me of Purism’s Librem 5 smartphone. I found a video called Desktop and Phone Convergence. Purism Librem 5 is not only a smartphone, but it is more of a general-purpose computer. The smartphone runs PureOS, a Linux distribution made for Librem laptops and Librem 5 smartphone. If Android could do convergence right out of the box, I could turn off my Mac Mini that I currently have in order to save power and just use my smartphone like a computer. That way, I could pull up an Uber application using my mouse and keyboard and I can change my email address and password from there! I do not have to worry about visiting Uber’s website.
Surely, we should be able to change our email address and password right from Uber’s website, right? At the end of the day, I think we are living in a smartphone-first world where smartphones are all the rage these days. And all the smartphone manufacturers are all copying Apple’s designs with the exception of Planet Computer Astro Slide 5G. That smartphone has a built-in physical keyboard and I would love to get my hands on one when it ships. Oh, and you can thank me for providing instructions at the very beginning of my article. Far too many blogging websites make it seem so wordy that their articles provide lots of reasons for changing the password that I would have to scroll down the article in order to view the instructions. Simply read the instructions from the beginning of this article and you can change your email address and password in no time!
And people will always fall for social engineering problems. 🙂
Who is this blog article for?
Anyone who is into home theater electronics and those who understand home theater terms such as a home theater receiver, a home theater processor, and eARC. This article is unsuitable for blind users who do not have eyesight.
A Cool New Home Theater Processor!
I received an email from AVSForum about a 9.4.6 Home Theater At CEDIA That You Definitely Don’t Want To Miss (that’s 9 speakers near the wall, 4 subwoofers (2 front, and 2 rear subwoofers), and 6 ceiling speakers) and I came across a processor that is used at CEDIA called StormAudio ISP Elite MK3, so I went to that page and–wow! A multi-theater processor!!!
Okay, so what does that do? Does the ISP processor… (Interrupted by the “I don’t care about cookies” web page as I type. A browser extension in Firefox about getting rid of cookie warnings or cookie notifications in websites opened up a new tab after updating a browser extension as I type. Now I’m getting off-topic. Thanks to you, browser extensions!)
Hah… 😆 Let me get myself back in control of my moment as I write my blog post. Because that cool new home theater processor interests me a lot! 🤣😀
Okay, so what does that new home theater processor do? Does the ISP processor let me have multiple theaters? Yes! That’s having two home theater processors in one processor! Okay, let me explain. Most people that have a surround sound system typically have a home theater receiver with amplifiers built-in. A processor does not have an amplifier, so it needs an external amplifier. An ISP processor can have up to 32 channels of audio. That’s 32 speakers. What!? 32 speakers!? Yes. “But you don’t need 32 speakers–let alone 4 or 8 subwoofers for a dedicated home theater room,” you exclaimed. That’s true, but that’s not the point. Think about AMC Theatres. If you have been to a movie theater, you know AMC Theatres has so many auditoriums, right? Think about just one device that can connect to 16 speakers per theater room. Actually, commercial movie theaters do have multiple rows of surround speakers. Each row of surround speakers can be located to the left and right side of the room and can surround multiple rows of seating. Of course, that can be done using a StormAudio ISP processor, but that’s not what I am interested in.
What piked my interest is the multi-theater feature of the StormAudio ISP MK3 processor. This would allow me to assign 16 channels of audio to a dedicated home theater room and 8 channels of audio to my home office/gaming/studio room. A home theater processor has two HDMI outputs. One HDMI output is linked to the 16 channels for the home theater room. Another 8 or 16 channels of audio (depending on the modules installed in a processor) can go to my home office/gaming/studio room. So people might be thinking “is it possible for a home theater receiver with an integrated amplifier to have 32 channels of amplification?” The problem with that is, the home theater receiver’s power supply is very limited in terms of the amount of current that must be pushed from an electrical outlet to the speakers. The receiver can get so hot to the touch even if nothing is playing. That’s why going with external amplifiers is better when playing at high volumes. A dedicated home theater room needs to be connected to a dedicated circuit breaker in order to provide enough power to the speakers in a dedicated home theater room. For a computer room, I may not need a lot of power, so a 700w amplifier going into 7 channels (that’s 100 watts each per speaker) is more than enough for me.
Although the price of the StormAudio ISP MK3 processor is sky-high, for me, that is similar to buying two cheaper home theater processors, but the cool thing about this is I could have more speakers in a dedicated room and still have leftover for the speakers in the computer room. And I could control the processor to show me a different video source going out to HDMI 2, which is the connector going out to my computer room. If I want to see what’s playing in a dedicated movie theater from a computer room, I can do that because the processor acts as a hub. Sure, if I could find a multi-theater processor at a lower price than the StormAudio, that’s great, but I get what I pay for. Right now, the MK3 only supports HDMI 2.0, which means I cannot game at 4K (3840×2160) at 120Hz and my TV (Samsung 43″ QN90B) supports HDMI 2.1.
I have my PC connected to my TV, then from the TV to an eARC HDMI audio extractor, and then to my Denon AVR-X3400H which does not support eARC. Basically, eARC allows 5.1 or 7.1 surround sound audio to come directly from the TV and the audio passes into a receiver’s HDMI out for the receiver to process audio information so that the sound can output through the speakers. But because my home theater receiver does not support eARC, I use an audio extractor (that I linked above) in order to supply audio going out to my receiver. Here’s how it works:
- “HDMI Out” from an audio extractor connects to my Samsung 43″ QN90B’s HDMI 3, which lists “eARC.” Connecting an audio extractor to HDMI 1, 2, or 4 in the back of my TV won’t work as those HDMI ports do not provide eARC support.
- “HDMI Audio Out” connects to my Denon AVR-X3400H’s audio input. This allows my receiver to process audio that came from my PC that hooks up to my TV’s HDMI 2.1 inputs.
- “HDMI Input” from an audio extractor connects to my Denon AVR-X3400H’s HDMI Output. This allows me to select HDMI3 on my TV. Any video going from my receiver to my TV passes through my audio extractor’s HDMI input.
And that’s all there is to it! In short, my PC connects to my TV via an HDMI cable, the TV connects to an audio extractor, and an audio extractor connects to my receiver. An HDMI audio extractor avoids having me buy a new receiver. Think about this. Back on late 2018, my Marantz SR-5008 was having issues and the audio continues to make squealing noise after the outbreak of Hurricane Michael. Since January of 2019, I wanted a new receiver. Should I buy a Denon AVR-X3500H which supports eARC or should I buy a Denon X3400H which does not? Back around August of 2013, I bought a 4K-ready receiver, thinking that $900 would give me a much better sound compared to Marantz SR-5007, which was a discontinued model. That’s why I bought myself into that “$900” hype! Bad! Bad mistake! So let me ask you this. Would you spend $300 extra just for eARC support? Me? I don’t think so. I bought a Denon X3400H just to save $300 in the process. Sure, Amazon mentioned that X3400H is a discontinued model (yes, it “was” as it’s past-tense, but let’s forget about the tenses for now), but I bought it anyway! Why? So I can quit being a fool! The sound character is the same regardless of whether it’s a 2010 model or a 2022 model!
Of course, I’ve gotten way too far off-topic from my article, but the point is, I’m going to wait for ISP to come out with a new processor that supports HDMI 2.1 such as 4K at 120Hz. 4K at 120 Hz would last for a very long time for me. Maybe a decade? Even if HDMI Alliance (or whatever it’s called) upgrades to 8K (a resolution of 7680 by 4320) at 120Hz? Okay, hold on a minute. Today, I don’t think modern graphics cards can even handle 4K at 120 frames per second or even at 240 FPS unless people play older games or turn down the graphics settings. I mean, I’m talking Cyberpunk 2077 that can push even an NVIDIA RTX 3090 so hard that gamers can’t get more than 90 to 100 frames per second. So, HDMI 2.1 will be with us for a very long period of time. Well, I’m pretty sure that games such as Cyberpunk 2077 could run the GPU (graphics processor unit) down to 20 frames per second or even lower. 😂🙂
Anyway, one day I could save up my money for an awesome StormAudio home theater processor. One day. That is, if I could get into network engineering and make a whole lot of money (I am Cisco CCNA certified as of October 2021; I am CompTIA CySA+ certified as of August 23rd of this year, which renewed my CompTIA A+, Network+, and Security+ certifications).