There are some extremely nonobvious repercussions to switching domains, a few of which we were unfortunate enough to encounter here at Monfort.

The first of those is that certain source control providers (such as Vault) consider the host name an integral part of a check out atom; since the domain name switch resulted in a change in all host names, the direct result was that after the switch our developers were unable to do anythign with files that had been checked out before the switch. Although Vault is based off of SQL Server I couldn't figure out how to "surgically" take care of the problem; changing the host record in the check out object table had no apparent effect. I thought this might have to do with client/server side caching, but restarting both did not have the expected result. To save time, we eventually worked the problem out by undoing all check outs server-side from the administration tool and manually checking the files back out.

The second problem was much less obvious: some of our projects make use of cryptographic key containers for signing .NET assemblies; after the switch we started getting "8013141C errors" (Windows will not format this error message). We tried reinstalling the key container only to get an "Object already exists" message from the sn tool. Yaniv, one of my colleagues, managed to find an article with the apporpriate solution: apparently one needs to update the ACL on Documents and Settings\AllUsers\ApplicationData\Microsoft\Crypto\RSA\MachineKeys. Simple, but not trivial.