Solved

Schema changes to Win2k AD when indrocuding Win2k3 DC?

Posted on 2004-04-08
6
288 Views
Last Modified: 2010-04-13
I currently have a Windows 2000 AD forest and a Windows 2000 native domain.  I'd like to introduce a Windows Server 2003 DC to an existing domain without upgrading the functional level from Win2k native.

I've read in many places that Win2k3 can act as a DC in a 2000 native domain, but when I run dcpromo on the Win2k3 server to promote it, it requires that adprep be run on the forest and domain before it can be added.

Does anyone know what adprep is doing to "prepare" the forest and domain?  My assumption is that the end result will still be a Windows 2000 forest and a Windows 2000 native AD domain, but it obviously did _something_ to the AD structure.  There are services within my company that are heavily integrated with AD , so I can't modify the schema, but I can theoretically extend it so long as all the existing fields do not change.

I'm aware that the Win2k AD schema also has different "levels" within the same functional level; is this what the Win2k3 aprep is changing?  Does anyone know which level it needs to be at for the Win2k3 DC to be present?  Can the Win2k3 adprep only extend the schema (assuming the functional level doesn't change), or can it modify what's already existing?
0
Comment
Question by:dane_m
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 10785486
Hi dane_m,
http://www.microsoft.com/resources/documentation/IIS/6/all/proddocs/en-us/Default.asp?url=/resources/documentation/IIS/6/all/proddocs/en-us/adprep.asp
The above link is what Microsoft has to say about Adprep and what it does.

In addition to extending the schema, adprep also updates default security descriptors, and adds new directory objects.

Hope this helps!

:o)

Bartender_1
0
 

Author Comment

by:dane_m
ID: 10788124
Thanks Bartender_1, I love how Microsoft gives enough information just to make users dangerous without really informing them how the product works.

I'm trying to determine what effect the Win2k3 adprep will have on the domain so I can verify my notes with other departments in my company to tell them why this schema extention won't affect their applications (assuming my notes say it doesn't :) ).

I vaguely recall there being different numbered levels of the AD schema that can exist under the "Windows 2000 native" domain functional level.  I'm hoping that this is what the Win2k3 adprep does (ups the "number" of the schema), which _should_ mean that it can't make any changes that would affect/break apps that rely on the Windows 2000 native AD schema for operation.

Do you have any information that would support my theory?
0
 
LVL 22

Accepted Solution

by:
Christopher McKay earned 500 total points
ID: 10788373
dane_m,

While I never "swear" by anything with Microsoft, I would expect that this comment (on the page supplied by the above link) "After you prepare your forests and domains with adprep, you can leave your domain controllers running Windows 2000 for an indefinite length of time, or you can begin the domain controller upgrade immediately. " would mean that it doesn't change anything in AD that would adversly affect Win2K servers (and therefore, software that's been built for AD integration)

Have you checked the websites of the vendors for your applications?
(Search for FAQs or patches, etc.)

My best suggestion at this point (only because it's quicker than scouring the Microsoft site) would be:

Do a complete backup including your system state, etc.
Run the adprep,
Test your applications,
If they work, go celebrate,
If they don't work, then restore from backup.

:o)

Bartender_1
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question