[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1866
  • Last Modified:

Problems running adprep /forestprep There is a schema conflict with Exchange 2000. The schema is not upgraded.

About to install a Windows 2003 server in a Windows 2000 domain. Have to run adprep + domaiprep. After running adprep /domainprep i got a message like this:
"Adprep was unable to extend the schema.
[Status/Consequence]
There is a schema conflict with Exchange 2000. The schema is not upgraded.
[User Action]
The schema conflict must be resolved before running adprep. Resolve the schema c
onflict, allow the change to replicate between all replication partners, and the
n run Adprep. For information on resolving the conflict, see Microsoft Knowledge
 Base article Q325379."

I have read the Q325739 and tried the "Scenario 3" (correct me if I am wrong here)  but I do not understand to do after number 5, it does not say execute or anything else... What shall I do here is my first question?
0
Handersson75
Asked:
Handersson75
  • 9
  • 8
1 Solution
 
Jay_Jay70Commented:
Hi Handersson75,

where exactly inthat document are you looking at
0
 
Handersson75Author Commented:
What to do after no. 5 in this scenario...

------
Scenario 3: The Windows Server 2003 forestprep command was run without first running inetOrgPersonFix
If you run the Windows Server 2003 adprep /forestprep command in a Windows 2000 forest that contains the Exchange 2000 schema changes, the LDAPDisplayName attributes for houseIdentifier, secretary, and labeledURI will become mangled. To identify mangled names, use Ldp.exe to locate the affected attributes: 1. Install Ldp.exe from the Support\Tools folder of the Microsoft Windows 2000 or Windows Server 2003 media.
2. Start Ldp.exe from a domain controller or member computer in the forest. a.  On the Connection menu, click Connect, leave the Server box empty, type 389 in the Port box, and then click OK.
b.  On the Connection menu, click Bind, leave all the boxes empty, and then click OK.
 
3. Record the distinguished name path for the SchemaNamingContext attribute. For example, for a domain controller in the CORP.ADATUM.COM forest, the distinguished name path might be CN=Schema,CN=Configuration,DC=corp,DC=company,DC=com.
4. On the Browse menu, click Search.
5. Use the following settings to configure the Search dialog box: • Base DN: The distinguished name path for the schema naming context that is identified in step 3.
• Filter: (ldapdisplayname=dup*)  
• Scope: Subtree
 
6. Mangled houseIdentifier, secretary, and labeledURI attributes have LDAPDisplayName attributes that are similar to the following format:
LDAPDisplayName: DUP-labeledURI-9591bbd3-d2a6-4669-afda-48af7c35507d;
LDAPDisplayName: DUP-secretary-c5a1240d-70c0-455c-9906-a4070602f85f
LDAPDisplayName: DUP-houseIdentifier-354b0ca8-9b6c-4722-aae7-e66906cc9eef
7. If the LDAPDisplayNames for labeledURI, secretary, and houseIdentifier were mangled in step 6, run the Windows Server 2003 InetOrgPersonFix.ldf script to recover, and then go to the "Upgrading Windows 2000 domain controllers with Winnt32.exe" section. a.  Create a folder named %Systemdrive%\IOP, and then extract the InetOrgPersonFix.ldf file to this folder.  
b.  At a command prompt, type cd %systemdrive%\iop.
c.  Extract the InetOrgPersonFix.ldf file from the Support.cab file that is located in the Support\Tools folder of the Windows Server 2003 installation media.
d.  From the console of the schema operations master, load the InetOrgPersonFix.ldf file by using Ldifde.exe to correct the LdapDisplayName attribute of the houseIdentifier, secretary, and labeledURI attributes. To do so, type the following command, where <X> is a case-sensitive constant and <dn path for forest root domain> is the domain name path for the root domain of the forest:
C:\IOP>ldifde -i -f inetorgpersonfix.ldf -v -c DC=X "domain name path for forest root domain"
Syntax notes:• DC=X is a case-sensitive constant.
• The domain name path for the forest root domain must be enclosed in quotation marks.
 
 
8. Verify that the houseIdentifier, secretary, and labeledURI attributes in the schema naming context are not "mangled" before you install Exchange 2000.
For more information about a related schema conflict with Services for UNIX version 2.0, click the following article number to view the article in the Microsoft Knowledge Base:
293783 (http://support.microsoft.com/kb/293783/) Cannot upgrade Windows 2000 server to Windows Server 2003 with Windows Services for UNIX 2.0 installed

------
0
 
Jay_Jay70Commented:
its saying if you find any of those with the mangled value, then run the inetorgPersonFix
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
Handersson75Author Commented:

I started ldap on my computer and have done 1-4. This it what it says (xxx is instead of my company name... )

Where to find the mangled value?

-------------
ld = ldap_open("", 389);
Established connection to .
Retrieving base DSA information...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn:
      1> currentTime: 05/08/2006 22:20:29 Västeuropa, normaltid Västeuropa, sommartid;
      1> subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=xxx,DC=local;
      1> dsServiceName: CN=NTDS Settings,CN=SRV05,CN=Servers,CN=Stockholm,CN=Sites,CN=Configuration,DC=xxx,DC=local;
      3> namingContexts: CN=Schema,CN=Configuration,DC=xxx,DC=local; CN=Configuration,DC=xxx,DC=local; DC=xxx,DC=local;
      1> defaultNamingContext: DC=xxx,DC=local;
      1> schemaNamingContext: CN=Schema,CN=Configuration,DC=xxx,DC=local;
      1> configurationNamingContext: CN=Configuration,DC=xxx,DC=local;
      1> rootDomainNamingContext: DC=xxx,DC=local;
      16> supportedControl: 1.2.840.113556.1.4.319; 1.2.840.113556.1.4.801; 1.2.840.113556.1.4.473; 1.2.840.113556.1.4.528; 1.2.840.113556.1.4.417; 1.2.840.113556.1.4.619; 1.2.840.113556.1.4.841; 1.2.840.113556.1.4.529; 1.2.840.113556.1.4.805; 1.2.840.113556.1.4.521; 1.2.840.113556.1.4.970; 1.2.840.113556.1.4.1338; 1.2.840.113556.1.4.474; 1.2.840.113556.1.4.1339; 1.2.840.113556.1.4.1340; 1.2.840.113556.1.4.1413;
      2> supportedLDAPVersion: 3; 2;
      12> supportedLDAPPolicies: MaxPoolThreads; MaxDatagramRecv; MaxReceiveBuffer; InitRecvTimeout; MaxConnections; MaxConnIdleTime; MaxActiveQueries; MaxPageSize; MaxQueryDuration; MaxTempTableSize; MaxResultSetSize; MaxNotificationPerConn;
      1> highestCommittedUSN: 3762084;
      2> supportedSASLMechanisms: GSSAPI; GSS-SPNEGO;
      1> dnsHostName: srv05.xxx.local;
      1> ldapServiceName: xxx.local:srv05$@xxx.LOCAL;
      1> serverName: CN=SRV05,CN=Servers,CN=Stockholm,CN=Sites,CN=Configuration,DC=xxx,DC=local;
      2> supportedCapabilities: 1.2.840.113556.1.4.800; 1.2.840.113556.1.4.1791;
      1> isSynchronized: TRUE;
      1> isGlobalCatalogReady: FALSE;
-----------
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, 1158); // v.3
      {NtAuthIdentity: User='NULL'; Pwd= <unavailable>; domain = 'NULL'.}
Authenticated as dn:'NULL'.
***Searching...
ldap_search_s(ld, "CN=Schema,CN=Configuration,DC=xxx,DC=local", 2, "(ldapdisplayname=dup*)", attrList,  0, &msg)
Result <0>: (null)
Matched DNs:
Getting 0 entries:
-----------

0
 
Jay_Jay70Commented:
you dont have any mangled in that string
0
 
Handersson75Author Commented:
oki ...That is good.  But now is the question what else can cause the conflict? Or do I have to do anything before I run the adprep /domainprep?
0
 
Jay_Jay70Commented:
hmmm, are you trying to add R2 server in?
0
 
Handersson75Author Commented:
Yes that is correct... A R2 server... As I wrote ive got two Win 2000 servers, one of them with Exchange 2000. It is the Exchange I will replace with this R2 server.
0
 
Jay_Jay70Commented:
you didnt mention R2 in the question that i can see

try these adprep tools from the second R2 cd
\CMPNENTS\R2\ADPREP
0
 
Handersson75Author Commented:
So you mean it is a different Adprep if i will install a R2? I use CD1 and adprep. What is the difference with the adprep on CD2?
0
 
Jay_Jay70Commented:
you have to run the new adprep tools from the r2 CD, it extends the schema more so or R2 . if you dont then your server will never join
0
 
Handersson75Author Commented:
So .. now i used the adprep for R2 but the result is the same.... schema conflict and refeers to Q325379... Any ideas what to do? Have I missed anything?
0
 
Jay_Jay70Commented:
hmm i have no idea,

put a pointer Q in Windows 2003 TA pointing to this, Netman66 is awesome with this kind of stuff

just give it a minimum value and put a link to here
0
 
Handersson75Author Commented:
Now I am trying Scenario 2 in http://support.microsoft.com/?kbid=325379 but it will not work.. (xxx=is my company name)
Any ideas?

--
C:\WINNT\IOP>ldifde -i -f inetorgpersonprevent.ldf -v -c DC=X ("dc=xxx,dc
=local")
Connecting to "srv01.xxx.local"
Logging in as current user using SSPI
Importing directory from file "inetorgpersonprevent.ldf"
Error occured during initialization
File operation failure
0 entries modified successfully.
An error has occurred in the program
--
0
 
Handersson75Author Commented:
Checked the spelling on "inetorgpersonprevent.ldf".. Misspelling was the problem.. Corrected and now I am runnig the adprep /forestprep =)
0
 
Jay_Jay70Commented:
Handersson75,

awesome, i was looking through that link again and again and couldnt see what was missing! had me buggered! haha! ah well at least you going strong now!
0
 
Jay_Jay70Commented:
Handersson75,

make sure you runt he right adprep /forestprep! (R2) (Grin)
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 9
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now