bconrey
asked on
Adprep completed successfully by still getting "The version of the Active Directory schema of the forest is incompatible..."
I've got a Windows 2000 domain and have run Adprep fully and without errors (/forestprep, /domainprep, /domainprep /gpprep) on the DC. I'm now trying to add a new Server 2003 R2 server as a DC and am still seeing the message suggesting Adprep needs to be run.
I'm going to provide a great deal of history; no doubt some is relevant, apologies for that which is not.
Up until last weekend, this very small domain consisted of two servers - A and B. Both A and B were Server 2000/SP4 using either a VLK or MSDN I think (definitely not SBS). Server A provided Terminal Services, DNS, DHCP, printing....pretty much everything. B existed as a standby server in case something went wrong, as well as acting as another DC.
Through a series of unfortunate events, Server A died last weekend (mirrored hard drive failed, server hung during backups, subsequent reboots got worse and ultimately resulted in inaccessible_boot_device). B was quickly configured as a Terminal Server, apps and printers were installed, but nothing DC-related was done.
Over the past week, logins were a little slow and one winterm box started having a licensing problem on Thursday, but generally speaking things were running ok. In the meantime, I was rebuilding Server A as Server 2003 R2 on a mutually exclusive network.
Yesterday, using several great articles from this site along with one from Microsoft http://support.microsoft.com/default.aspx?kbid=216498 and several from Petri's site, I removed the failed Server A from the domain. I was able to successfully seize all 5 roles, clean up the metadata, removed all traces in ADSIedit, DNS, etc.
Once this was completed, I ran adprep as mentioned at the beginning, and completed that without errors. The 2003 version of Server A was added to the domain as a member server, then I attempted to dcpromo it, and got the message which suggested Adprep needed to run. I found an article with info from Netman66 regarding the rights of the Enterprise Admins/Schema Admins/Domain Admins, and discovered the Schema Admins didn't have full rights to the Schema in ADSIedit (I think Domain and/or Enterprise admins had rights problems too but don't have good notes from it). I corrected the rights problems.
It's important to note that the rebuilt Server A has the same name as it used to.
I found that Adprep wouldn't run because it had already completed successfully. Through some research and trial-and-error, I discovered I could change the revision property of the Windows2003update areas in ASDIedit and Adprep would go ahead and rerun. Also found that it checks each setting to see if it exists, and skips steps for any existing. Ran Adprep again, still got the message.
Tried removing the server from the domain, and dcpromo as a standalone server, to no avail. Then renamed the server (so as not to be identical to the failed server), added back to the domain as a member server and attempted dcpromo, without success.
I ran a repadmin /showreps and found several references to the old server under 'incoming neighbours', all three references had 'deleted DSA' in them. I've also walked the entire DNS tree to ensure nothing (including _msdcs, SOA, NS, host/alias, etc) referenced Server A.
Short on ideas at this point. Anyone have any?
I'm going to provide a great deal of history; no doubt some is relevant, apologies for that which is not.
Up until last weekend, this very small domain consisted of two servers - A and B. Both A and B were Server 2000/SP4 using either a VLK or MSDN I think (definitely not SBS). Server A provided Terminal Services, DNS, DHCP, printing....pretty much everything. B existed as a standby server in case something went wrong, as well as acting as another DC.
Through a series of unfortunate events, Server A died last weekend (mirrored hard drive failed, server hung during backups, subsequent reboots got worse and ultimately resulted in inaccessible_boot_device).
Over the past week, logins were a little slow and one winterm box started having a licensing problem on Thursday, but generally speaking things were running ok. In the meantime, I was rebuilding Server A as Server 2003 R2 on a mutually exclusive network.
Yesterday, using several great articles from this site along with one from Microsoft http://support.microsoft.com/default.aspx?kbid=216498 and several from Petri's site, I removed the failed Server A from the domain. I was able to successfully seize all 5 roles, clean up the metadata, removed all traces in ADSIedit, DNS, etc.
Once this was completed, I ran adprep as mentioned at the beginning, and completed that without errors. The 2003 version of Server A was added to the domain as a member server, then I attempted to dcpromo it, and got the message which suggested Adprep needed to run. I found an article with info from Netman66 regarding the rights of the Enterprise Admins/Schema Admins/Domain Admins, and discovered the Schema Admins didn't have full rights to the Schema in ADSIedit (I think Domain and/or Enterprise admins had rights problems too but don't have good notes from it). I corrected the rights problems.
It's important to note that the rebuilt Server A has the same name as it used to.
I found that Adprep wouldn't run because it had already completed successfully. Through some research and trial-and-error, I discovered I could change the revision property of the Windows2003update areas in ASDIedit and Adprep would go ahead and rerun. Also found that it checks each setting to see if it exists, and skips steps for any existing. Ran Adprep again, still got the message.
Tried removing the server from the domain, and dcpromo as a standalone server, to no avail. Then renamed the server (so as not to be identical to the failed server), added back to the domain as a member server and attempted dcpromo, without success.
I ran a repadmin /showreps and found several references to the old server under 'incoming neighbours', all three references had 'deleted DSA' in them. I've also walked the entire DNS tree to ensure nothing (including _msdcs, SOA, NS, host/alias, etc) referenced Server A.
Short on ideas at this point. Anyone have any?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Oops.
I had, as I mentioned, run adprep...but from the i386 directory. I didn't see anything about needing to run it from the second disc, and I'll be darned - i386 brought the schema up to v30, disc2's adprep brought the schema up to v31, and now I'm set.
Thanks Jay_jay, thanks Netman66.
Brian
I had, as I mentioned, run adprep...but from the i386 directory. I didn't see anything about needing to run it from the second disc, and I'll be darned - i386 brought the schema up to v30, disc2's adprep brought the schema up to v31, and now I'm set.
Thanks Jay_jay, thanks Netman66.
Brian
Make sure you credit Jay - he brought it to your attention first.
ASKER
Good point, I didn't catch that until I re-read his comment. Now I just need to figure out how to switch or split the points.
Thanks again.
Brian
Thanks again.
Brian
Post a Q in Community Support linking to this question. Ask the Mods to correct it.
Glad you got it sorted :)
Cheers Both
Cheers Both
ASKER
To answer your question, yes, everything used was from the R2 media. Just providing the extra info in case it matters...