LLUIGI
asked on
Adprep and DCPROMO Error when upgrading from 2003 to 2008 r2
I Am Upgrading my domain to server 2008 r2 I have ran the following:
ADPREP /FORESTPREP
ADPREP /DOMAINPREP
ADPREP /DOMAINPREP /GPPREP
ADPREP /RODCPREP
When I run ADPREP /RDCPREP I get errors that you can see in the log at the bottom of the post on the 2008 r2 machine when I run DCPROMO any help would be appreciated.
****LOG STARTS NOW****
Adprep created the log file ADPrep.log under C:\WINDOWS\debug\adprep\lo gs\2014110 1142915 directory.
Adprep connected to the domain FSMO: WallachBethFS.wallachbeth. local.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is (null).
LDAP API ldap_search_s() finished, return code is 0x0
Adprep successfully retrieved information from the local Active Directory Domain Services.
Adprep successfully initialized global variables.
[Status/Consequence]
Adprep is continuing.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Partitions,CN=Configura tion,DC=wa llachbeth, DC=local.
LDAP API ldap_search_s finished, return code is 0x0
========================== ========== ========== ========== ========== ========== ==
Adprep found partition DC=DomainDnsZones,DC=walla chbeth,DC= local, and is about to update the permissions.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=Domai nDnsZones, DC=wallach beth,DC=lo cal.
LDAP API ldap_search_s finished, return code is 0x0
Adprep connected to a replica DC WallachBethFS.wallachbeth. local that holds partition DC=DomainDnsZones,DC=walla chbeth,DC= local.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=DomainDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=DomainDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=DomainDnsZones,DC=walla chbeth,DC= local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=DomainDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=DomainDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=DomainDnsZones,DC=walla chbeth,DC= local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=0273d441-cc89-45e1-8f77 -6ea55c3ad a99,CN=Par titions,CN =Configura tion,DC=wa llachbeth, DC=local.
LDAP API ldap_modify_s() finished, return code is 0x33
Adprep failed the operation on partition DC=DomainDnsZones,DC=walla chbeth,DC= local. Skipping to next partition.
========================== ========== ========== ========== ========== ========== ==
========================== ========== ========== ========== ========== ========== ==
Adprep found partition DC=ForestDnsZones,DC=walla chbeth,DC= local, and is about to update the permissions.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=Fores tDnsZones, DC=wallach beth,DC=lo cal.
LDAP API ldap_search_s finished, return code is 0x0
Adprep connected to a replica DC WallachBethFS.wallachbeth. local that holds partition DC=ForestDnsZones,DC=walla chbeth,DC= local.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=ForestDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=ForestDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=ForestDnsZones,DC=walla chbeth,DC= local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=ForestDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=ForestDnsZones,DC=walla chbeth,DC= local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=ForestDnsZones,DC=walla chbeth,DC= local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=73620c7c-9952-4b60-8bd5 -2ffc8c867 81c,CN=Par titions,CN =Configura tion,DC=wa llachbeth, DC=local.
LDAP API ldap_modify_s() finished, return code is 0x33
Adprep failed the operation on partition DC=ForestDnsZones,DC=walla chbeth,DC= local. Skipping to next partition.
========================== ========== ========== ========== ========== ========== ==
========================== ========== ========== ========== ========== ========== ==
Adprep found partition DC=wallachbeth,DC=local, and is about to update the permissions.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=walla chbeth,DC= local.
LDAP API ldap_search_s finished, return code is 0x0
Adprep connected to the Infrastructure FSMO: WallachBethFS.wallachbeth. local.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=wallachbeth,DC=local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=wallachbeth,DC=local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=wallachbeth,DC=local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=wallachbeth,DC=local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=wallachbeth,DC=local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=wallachbeth,DC=local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=WALLACHBETH,CN=Partitio ns,CN=Conf iguration, DC=wallach beth,DC=lo cal.
LDAP API ldap_modify_s() finished, return code is 0x33
Adprep failed the operation on partition DC=wallachbeth,DC=local. Skipping to next partition.
========================== ========== ========== ========== ========== ========== ==
Adprep completed with errors. Not all partitions are updated. See the ADPrep.log in the C:\WINDOWS\debug\adprep\lo gs\2014110 1142915 directory for more information.
To successfully update all partititions, the current logged on user needs to be a member of Enterprise Admins group. If that is not the case, please correct the problem, and then restart Adprep.
ADPREP /FORESTPREP
ADPREP /DOMAINPREP
ADPREP /DOMAINPREP /GPPREP
ADPREP /RODCPREP
When I run ADPREP /RDCPREP I get errors that you can see in the log at the bottom of the post on the 2008 r2 machine when I run DCPROMO any help would be appreciated.
****LOG STARTS NOW****
Adprep created the log file ADPrep.log under C:\WINDOWS\debug\adprep\lo
Adprep connected to the domain FSMO: WallachBethFS.wallachbeth.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is (null).
LDAP API ldap_search_s() finished, return code is 0x0
Adprep successfully retrieved information from the local Active Directory Domain Services.
Adprep successfully initialized global variables.
[Status/Consequence]
Adprep is continuing.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Partitions,CN=Configura
LDAP API ldap_search_s finished, return code is 0x0
==========================
Adprep found partition DC=DomainDnsZones,DC=walla
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=Domai
LDAP API ldap_search_s finished, return code is 0x0
Adprep connected to a replica DC WallachBethFS.wallachbeth.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=DomainDnsZones,DC=walla
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=DomainDnsZones,DC=walla
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=DomainDnsZones,DC=walla
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=DomainDnsZones,DC=walla
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=DomainDnsZones,DC=walla
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=DomainDnsZones,DC=walla
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=0273d441-cc89-45e1-8f77
LDAP API ldap_modify_s() finished, return code is 0x33
Adprep failed the operation on partition DC=DomainDnsZones,DC=walla
==========================
==========================
Adprep found partition DC=ForestDnsZones,DC=walla
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=Fores
LDAP API ldap_search_s finished, return code is 0x0
Adprep connected to a replica DC WallachBethFS.wallachbeth.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=ForestDnsZones,DC=walla
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=ForestDnsZones,DC=walla
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=ForestDnsZones,DC=walla
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=ForestDnsZones,DC=walla
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=ForestDnsZones,DC=walla
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=ForestDnsZones,DC=walla
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=73620c7c-9952-4b60-8bd5
LDAP API ldap_modify_s() finished, return code is 0x33
Adprep failed the operation on partition DC=ForestDnsZones,DC=walla
==========================
==========================
Adprep found partition DC=wallachbeth,DC=local, and is about to update the permissions.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=walla
LDAP API ldap_search_s finished, return code is 0x0
Adprep connected to the Infrastructure FSMO: WallachBethFS.wallachbeth.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=wallachbeth,DC=local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=wallachbeth,DC=local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=wallachbeth,DC=local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=wallachbeth,DC=local.
LDAP API ldap_search_s() finished, return code is 0x0
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=wallachbeth,DC=local.
LDAP API ldap_modify_ext_s() finished, return code is 0x0
Adprep successfully modified the security descriptor on object DC=wallachbeth,DC=local.
[Status/Consequence]
Adprep merged the existing security descriptor with the new access control entry (ACE).
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=WALLACHBETH,CN=Partitio
LDAP API ldap_modify_s() finished, return code is 0x33
Adprep failed the operation on partition DC=wallachbeth,DC=local. Skipping to next partition.
==========================
Adprep completed with errors. Not all partitions are updated. See the ADPrep.log in the C:\WINDOWS\debug\adprep\lo
To successfully update all partititions, the current logged on user needs to be a member of Enterprise Admins group. If that is not the case, please correct the problem, and then restart Adprep.
ASKER
Yes I am good on that front
Also if you are not planning on deploying a Read-Only Domain Controller, there is no need to run ADPREP /RODCPREP.
-saige-
-saige-
ASKER
ok then that is the only error we received in the process so far why is DCPROMO asking for adprep again?
ASKER
I have noticed that replication between my 2 2003 Server is now reporting a mismatch error. when I run DCPROMO it still requests ADPREP To be ran
Which ADPREP did you run (DVD location)? Did you run ADPREP on your 2003 domain controller? Does the 2003 domain controller hold all of the FSMO roles?
-saige-
-saige-
Hi
it looks like this
Adprep /rodcprep will log an error if the infrastructure master for an application directory partition is not available
If the domain controller that holds the infrastructure operations master (also known as flexible single master operations or FSMO) role for an application directory partition is not available when you run the adprep /rodcprep command to prepare a forest for an RODC, the command can return an error. The error is logged in the Adprep.log file, and it indicates that Adprep failed an operation on the application directory partition that is named in the error. By default, domain controllers have application directory partitions for DNS.
The infrastructure operations master role holder for each application directory partition must be online when you run adprep /rodcprep. If the role holder is not online, which could happen if the domain controller that hosted the role was forcefully demoted without performing metadata cleanup, then adprep /rodcprep can log the error.
noteNote
The infrastructure operations master role for an application directory partition is not the same as the infrastructure operations master role for a domain partition.
For more information about fixing this issue, see article 949257 in the Microsoft Knowledge base (http://go.microsoft.com/fwlink/?LinkID=114419).
from
http://technet.microsoft.com/en-gb/library/2a325aca-db4f-4004-a5d7-8703082d8702(v=ws.10)#BKMK_RodcprepError
it looks like this
Adprep /rodcprep will log an error if the infrastructure master for an application directory partition is not available
If the domain controller that holds the infrastructure operations master (also known as flexible single master operations or FSMO) role for an application directory partition is not available when you run the adprep /rodcprep command to prepare a forest for an RODC, the command can return an error. The error is logged in the Adprep.log file, and it indicates that Adprep failed an operation on the application directory partition that is named in the error. By default, domain controllers have application directory partitions for DNS.
The infrastructure operations master role holder for each application directory partition must be online when you run adprep /rodcprep. If the role holder is not online, which could happen if the domain controller that hosted the role was forcefully demoted without performing metadata cleanup, then adprep /rodcprep can log the error.
noteNote
The infrastructure operations master role for an application directory partition is not the same as the infrastructure operations master role for a domain partition.
For more information about fixing this issue, see article 949257 in the Microsoft Knowledge base (http://go.microsoft.com/fwlink/?LinkID=114419).
from
http://technet.microsoft.com/en-gb/library/2a325aca-db4f-4004-a5d7-8703082d8702(v=ws.10)#BKMK_RodcprepError
that said if you dont plan to use rodc you can disregard this message
ASKER
ok thank you but what does that have to do with the DCPROMO error asking to run ADPREP /FORESTPREP on the DC that holds the FSMO Roles when that already has been done successfully?
ASKER
rodc is out I just need to clear up DCPROMO Error so I can move forward.
ASKER
please see attached adprep log file
ADPrep.log
ADPrep.log
On the server that you ran ADPREP from:
1. Click Start, click Run, type cmd in the Open box, and then press ENTER.
2. Type ntdsutil, and then press ENTER.
3. Type rol, and then press ENTER.
4. Type con, and then press ENTER.
5. Type con to ser localhost, and then press ENTER.
6. Type quit, and then press ENTER.
7. Type sel op tar, and then press ENTER.
8. Type li ro for con ser, and then press ENTER.
Please provide the output from running list roles for connected server
Example output:
-saige-
1. Click Start, click Run, type cmd in the Open box, and then press ENTER.
2. Type ntdsutil, and then press ENTER.
3. Type rol, and then press ENTER.
4. Type con, and then press ENTER.
5. Type con to ser localhost, and then press ENTER.
6. Type quit, and then press ENTER.
7. Type sel op tar, and then press ENTER.
8. Type li ro for con ser, and then press ENTER.
Please provide the output from running list roles for connected server
Example output:
-saige-
Based on your ADPREP.LOG. Run the following command and provide the output please:
DSACLS "CN=DirectoryEmailReplicat ion,CN=Cer tificate Templates,CN=Public Key Services,CN=Services,CN=Co nfiguratio n,DC=walla chbeth,DC= local"
-saige-
DSACLS "CN=DirectoryEmailReplicat
-saige-
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Adprep.exe is a command-line tool that is available on the Windows Server 2008 installation disc in the \sources\adprep folder,Source
and it is available on the Windows Server 2008 R2 installation disk in the \support\adprep folder.
You must run adprep from an elevated command prompt. To open an elevated command prompt, click Start, right-click Command Prompt, and then click Run as administrator.
To complete the required operations, you must run the Adprep.exe commands that are listed in the following table. You must run adprep /forestprep before you run other commands. Some commands must be run on specific domain controllers, as indicated in the table. None of the commands requires a restart of the server after the operation is complete. The remaining sections in this topic contain more details about each command.Source
-saige-
Below is how to tell if Forestprep was run in your environment. I would suggest runn this on the server with the schema role.. Also can you paste the results of the following command: repadmin /showrepl
To verify that adprep /forestprep completed successfully
1.Log on to an administrative workstation that has ADSIEdit installed. ADSIEdit is installed by default on domain controllers that run Windows Server 2008 or Windows Server 2008 R2.
2.Click Start, click Run, type ADSIEdit.msc, and then click OK.
3.Click Action, and then click Connect to.
4.Click Select a well known Naming Context, select Configuration in the list of available naming contexts, and then click OK.
5.Double-click Configuration, and then double-click CN=Configuration,DC=forest _root_doma in
where forest_root_domain is the distinguished name of your forest root domain.
6.Double-click CN=ForestUpdates.
7.Right-click CN=ActiveDirectoryUpdate, and then click Properties.
8.If you ran adprep /forestprep for Windows Server 2008 R2, confirm that the Revision attribute value is 5, and then click OK.
If you ran adprep /forestprep for Windows Server 2008, confirm that the Revision attribute value is 2, and then click OK.
9.Click ADSI Edit, click Action, and then click Connect to.
10.Click Select a Well known naming context, select Schema in the list of available naming contexts, and then click OK.
11.Double-click Schema.
12.Right-click CN=Schema,CN=Configuration ,DC=forest _root_doma in, and then click Properties
where forest_root_domain is the distinguished name of your forest root domain.
13.If you ran adprep /forestprep for Windows Server 2008 R2, confirm that the objectVersion attribute value is set to 47, and then click OK.
If you ran adprep /forestprep for Windows Server 2008, confirm that the objectVersion attribute value is set to 44, and then click OK.
To verify that adprep /forestprep completed successfully
1.Log on to an administrative workstation that has ADSIEdit installed. ADSIEdit is installed by default on domain controllers that run Windows Server 2008 or Windows Server 2008 R2.
2.Click Start, click Run, type ADSIEdit.msc, and then click OK.
3.Click Action, and then click Connect to.
4.Click Select a well known Naming Context, select Configuration in the list of available naming contexts, and then click OK.
5.Double-click Configuration, and then double-click CN=Configuration,DC=forest
where forest_root_domain is the distinguished name of your forest root domain.
6.Double-click CN=ForestUpdates.
7.Right-click CN=ActiveDirectoryUpdate, and then click Properties.
8.If you ran adprep /forestprep for Windows Server 2008 R2, confirm that the Revision attribute value is 5, and then click OK.
If you ran adprep /forestprep for Windows Server 2008, confirm that the Revision attribute value is 2, and then click OK.
9.Click ADSI Edit, click Action, and then click Connect to.
10.Click Select a Well known naming context, select Schema in the list of available naming contexts, and then click OK.
11.Double-click Schema.
12.Right-click CN=Schema,CN=Configuration
where forest_root_domain is the distinguished name of your forest root domain.
13.If you ran adprep /forestprep for Windows Server 2008 R2, confirm that the objectVersion attribute value is set to 47, and then click OK.
If you ran adprep /forestprep for Windows Server 2008, confirm that the objectVersion attribute value is set to 44, and then click OK.
seems you are using adprep from 2008 media while putting in a 2008 R2 server; that would cause this to happen
as mentioned, the schema needs to be at 47 while yours is at 44 (2008 level)
you run dcpromo on the 2008 R2 server and says you need to run adprep because it's at 2008 level, not 2008 R2
if your 2003 server is 32bit, run adprep32 there from the R2 media
as mentioned, the schema needs to be at 47 while yours is at 44 (2008 level)
you run dcpromo on the 2008 R2 server and says you need to run adprep because it's at 2008 level, not 2008 R2
if your 2003 server is 32bit, run adprep32 there from the R2 media
ASKER
I used the ADPREP from the 2008 r2 dvd (Successful)
and then I contacted MS and they sent me a link for the x86 version which I tried to run but said it already has ran
and then I contacted MS and they sent me a link for the x86 version which I tried to run but said it already has ran
ASKER
Will I be able to run ADPREP again if I use the ADPREP from the 2008 r2 \sources\adprep\
are you certain it is R2 media before?
the adprep log shows sch44.ldf as the last file it processed which is for 2008; it should have gone through sch47.ldf for R2
as i said, if your 2003 server is 32bit, use adprep32; adprep won't work there since it's 64bit binary
the adprep log shows sch44.ldf as the last file it processed which is for 2008; it should have gone through sch47.ldf for R2
as i said, if your 2003 server is 32bit, use adprep32; adprep won't work there since it's 64bit binary
You should only need to run ADPREP once per domain. You don't need to run it on each server unless you have your FSMO roles segregated, then in that case you would run:
1. ADPREP /FORESTPREP on your Schema Operations Master (Once for the entire forest)
2. ADPREP /DOMAINPREP on your Infrastructure Operations Masters (Once in each domain where you plan to install an additional domain controller that runs a later version of Windows Server than the latest version that is running in the domain.)
3. ADPREP /DOMAINPREP /GPPREP on your Infrastructure Operations Masters (Once in each domain within the forest). Note: If you already ran the /gpprep parameter for Windows Server 2003, you do not have to run it again for later versions of Windows Server.
Now I would recommend that we get a state of the domain since you have successfully ran adprep. compdigit44 gave instructions on how to check your schema level here: Check Schema Instructions.
-saige-
1. ADPREP /FORESTPREP on your Schema Operations Master (Once for the entire forest)
2. ADPREP /DOMAINPREP on your Infrastructure Operations Masters (Once in each domain where you plan to install an additional domain controller that runs a later version of Windows Server than the latest version that is running in the domain.)
3. ADPREP /DOMAINPREP /GPPREP on your Infrastructure Operations Masters (Once in each domain within the forest). Note: If you already ran the /gpprep parameter for Windows Server 2003, you do not have to run it again for later versions of Windows Server.
Now I would recommend that we get a state of the domain since you have successfully ran adprep. compdigit44 gave instructions on how to check your schema level here: Check Schema Instructions.
-saige-
ASKER
OK I have adprep32 running now
ASKER
Inadvertently downloaded Server 2008 not Server 2008 r2 all is correct now. Thank you
ASKER
Server "localhost" knows about 5 roles
Schema - CN=NTDS Settings,CN=WALLACHBETHFS, CN=Servers ,CN=100-Wa ll,CN=Site s,CN=Co
nfiguration,DC=wallachbeth ,DC=local
Domain - CN=NTDS Settings,CN=WALLACHBETHFS, CN=Servers ,CN=100-Wa ll,CN=Site s,CN=Co
nfiguration,DC=wallachbeth ,DC=local
PDC - CN=NTDS Settings,CN=WALLACHBETHFS, CN=Servers ,CN=100-Wa ll,CN=Site s,CN=Confi
guration,DC=wallachbeth,DC =local
RID - CN=NTDS Settings,CN=WALLACHBETHFS, CN=Servers ,CN=100-Wa ll,CN=Site s,CN=Confi
guration,DC=wallachbeth,DC =local
Infrastructure - CN=NTDS Settings,CN=WALLACHBETHFS, CN=Servers ,CN=100-Wa ll,CN=Sit
es,CN=Configuration,DC=wal lachbeth,D C=local
select operation target:
Schema - CN=NTDS Settings,CN=WALLACHBETHFS,
nfiguration,DC=wallachbeth
Domain - CN=NTDS Settings,CN=WALLACHBETHFS,
nfiguration,DC=wallachbeth
PDC - CN=NTDS Settings,CN=WALLACHBETHFS,
guration,DC=wallachbeth,DC
RID - CN=NTDS Settings,CN=WALLACHBETHFS,
guration,DC=wallachbeth,DC
Infrastructure - CN=NTDS Settings,CN=WALLACHBETHFS,
es,CN=Configuration,DC=wal
select operation target:
Not a problem. Glad you have it all sorted out now.
-saige-
-saige-
ASKER
Checked Schema Level and the correct values 5 and 47 have been confirmed thanks again
-saige-