Solved

adprep LDAP error 0X20

Posted on 2004-08-10
5
1,480 Views
Last Modified: 2008-01-16
I'm using dcpromo in a new Windows 2003 server to install the system as a domain controller in an existing Win2K domain.
I get an error saying that the AD version running in the forest doesn't match with the AD version runing in the machine.
(sorry for the translation I'm from Madrid)

So I go to the master an execute adprep /forestprep using the Win2k3 CD. And I get error 0X20 (the entry ot attibute requested does not exist on the directory server) This is the last part of adprep.log :

Adprep ha generado un error LDAP. Codigo de error: 0x20. Codigo de error extendido del servidor: 0x208d, Mensaje de error del servidor: 0000208D: NameErr: DSID-031001BD, problem 2001 (NO_OBJECT), data 0, best match of:
      'CN=Servers,CN=root,CN=Sites,CN=Configuration,DC=rentokil,DC=es'


Do you know what's the problem?

Thank you for your time.


0
Comment
Question by:dedalon
  • 4
5 Comments
 
LVL 10

Expert Comment

by:jhautani
ID: 11770910
You can not add a Win2003 DC to a Win2000 domain without preparing the forest and domain first to Win2003 level.
Basically you run two preparation commands: 'adprep /forestprep' and 'adprep /domainprep' to modify your active directory.
Detailed instructions here:
http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/dssbf_upwn_overview.asp

hope this helps
0
 
LVL 10

Expert Comment

by:jhautani
ID: 11770916
Sorry about my post. Did not read all of your posting :(
0
 
LVL 10

Expert Comment

by:jhautani
ID: 11770970
Please follow instructions in the following document to verify that your forest is ready for 2003. Mainly focus on 'Domain and forest inventory', section 2:
http://support.microsoft.com/default.aspx?scid=kb;en-us;325379
0
 

Author Comment

by:dedalon
ID: 11774039
I've run the repadmin, and I have got:

DN: CN=AS400820~1,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-VAL,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows NT
    1> operatingSystemVersion: 4.0
DN: CN=LISA-SEV,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows NT
    1> operatingSystemVersion: 4.0
DN: CN=PROLIANTO,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows NT
    1> operatingSystemVersion: 4.0
DN: CN=LISA-COSLADA2,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-CSL,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows Server 2003
    1> operatingSystemVersion: 5.2 (3790)
DN: CN=LISA-LEV,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-AND,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-SSR,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-BCN,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-PLM,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)
DN: CN=LISA-CAN,OU=Domain Controllers,DC=rentokil,DC=es

    1> operatingSystem: Windows 2000 Server
    1> operatingSystemServicePack: Service Pack 4
    1> operatingSystemVersion: 5.0 (2195)


All the Win2K are SP4, but it's showing LISA-SEV and LISA-VAL that are NT4.0 machines that have been disconected 4 months ago. PROLIANTO is the only NT 4.0 that it's alive (it's our Exchange 5.5 Server) Is the problem these old NTs?
0
 
LVL 10

Accepted Solution

by:
jhautani earned 50 total points
ID: 11777383
You should remove the two disconnected NT BDC accounts from domain in Server Manager, so that they are no longer seen as DCs.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question