Problems running adprep /forestprep There is a schema conflict with Exchange 2000. The schema is not upgraded.

Hi Handersson75,

where exactly inthat document are you looking at

What to do after no. 5 in this scenario...

------
Scenario 3: The Windows Server 2003 forestprep command was run without first running inetOrgPersonFix
If you run the Windows Server 2003 adprep /forestprep command in a Windows 2000 forest that contains the Exchange 2000 schema changes, the LDAPDisplayName attributes for houseIdentifier, secretary, and labeledURI will become mangled. To identify mangled names, use Ldp.exe to locate the affected attributes: 1. Install Ldp.exe from the Support\Tools folder of the Microsoft Windows 2000 or Windows Server 2003 media.
2. Start Ldp.exe from a domain controller or member computer in the forest. a.  On the Connection menu, click Connect, leave the Server box empty, type 389 in the Port box, and then click OK.
b.  On the Connection menu, click Bind, leave all the boxes empty, and then click OK.
 
3. Record the distinguished name path for the SchemaNamingContext attribute. For example, for a domain controller in the CORP.ADATUM.COM forest, the distinguished name path might be CN=Schema,CN=Configuration,DC=corp,DC=company,DC=com.
4. On the Browse menu, click Search.
5. Use the following settings to configure the Search dialog box: • Base DN: The distinguished name path for the schema naming context that is identified in step 3.
• Filter: (ldapdisplayname=dup*)  
• Scope: Subtree
 
6. Mangled houseIdentifier, secretary, and labeledURI attributes have LDAPDisplayName attributes that are similar to the following format:
LDAPDisplayName: DUP-labeledURI-9591bbd3-d2a6-4669-afda-48af7c35507d;
LDAPDisplayName: DUP-secretary-c5a1240d-70c0-455c-9906-a4070602f85f
LDAPDisplayName: DUP-houseIdentifier-354b0ca8-9b6c-4722-aae7-e66906cc9eef
7. If the LDAPDisplayNames for labeledURI, secretary, and houseIdentifier were mangled in step 6, run the Windows Server 2003 InetOrgPersonFix.ldf script to recover, and then go to the "Upgrading Windows 2000 domain controllers with Winnt32.exe" section. a.  Create a folder named %Systemdrive%\IOP, and then extract the InetOrgPersonFix.ldf file to this folder.  
b.  At a command prompt, type cd %systemdrive%\iop.
c.  Extract the InetOrgPersonFix.ldf file from the Support.cab file that is located in the Support\Tools folder of the Windows Server 2003 installation media.
d.  From the console of the schema operations master, load the InetOrgPersonFix.ldf file by using Ldifde.exe to correct the LdapDisplayName attribute of the houseIdentifier, secretary, and labeledURI attributes. To do so, type the following command, where <X> is a case-sensitive constant and <dn path for forest root domain> is the domain name path for the root domain of the forest:
C:\IOP>ldifde -i -f inetorgpersonfix.ldf -v -c DC=X "domain name path for forest root domain"
Syntax notes:• DC=X is a case-sensitive constant.
• The domain name path for the forest root domain must be enclosed in quotation marks.
 
 
8. Verify that the houseIdentifier, secretary, and labeledURI attributes in the schema naming context are not "mangled" before you install Exchange 2000.
For more information about a related schema conflict with Services for UNIX version 2.0, click the following article number to view the article in the Microsoft Knowledge Base:
293783 (http://support.microsoft.com/kb/293783/) Cannot upgrade Windows 2000 server to Windows Server 2003 with Windows Services for UNIX 2.0 installed

------

its saying if you find any of those with the mangled value, then run the inetorgPersonFix

I started ldap on my computer and have done 1-4. This it what it says (xxx is instead of my company name... )

Where to find the mangled value?

-------------
ld = ldap_open("", 389);
Established connection to .
Retrieving base DSA information...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn:
      1> currentTime: 05/08/2006 22:20:29 Västeuropa, normaltid Västeuropa, sommartid;
      1> subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=xxx,DC=local;
      1> dsServiceName: CN=NTDS Settings,CN=SRV05,CN=Servers,CN=Stockholm,CN=Sites,CN=Configuration,DC=xxx,DC=local;
      3> namingContexts: CN=Schema,CN=Configuration,DC=xxx,DC=local; CN=Configuration,DC=xxx,DC=local; DC=xxx,DC=local;
      1> defaultNamingContext: DC=xxx,DC=local;
      1> schemaNamingContext: CN=Schema,CN=Configuration,DC=xxx,DC=local;
      1> configurationNamingContext: CN=Configuration,DC=xxx,DC=local;
      1> rootDomainNamingContext: DC=xxx,DC=local;
      16> supportedControl: 1.2.840.113556.1.4.319; 1.2.840.113556.1.4.801; 1.2.840.113556.1.4.473; 1.2.840.113556.1.4.528; 1.2.840.113556.1.4.417; 1.2.840.113556.1.4.619; 1.2.840.113556.1.4.841; 1.2.840.113556.1.4.529; 1.2.840.113556.1.4.805; 1.2.840.113556.1.4.521; 1.2.840.113556.1.4.970; 1.2.840.113556.1.4.1338; 1.2.840.113556.1.4.474; 1.2.840.113556.1.4.1339; 1.2.840.113556.1.4.1340; 1.2.840.113556.1.4.1413;
      2> supportedLDAPVersion: 3; 2;
      12> supportedLDAPPolicies: MaxPoolThreads; MaxDatagramRecv; MaxReceiveBuffer; InitRecvTimeout; MaxConnections; MaxConnIdleTime; MaxActiveQueries; MaxPageSize; MaxQueryDuration; MaxTempTableSize; MaxResultSetSize; MaxNotificationPerConn;
      1> highestCommittedUSN: 3762084;
      2> supportedSASLMechanisms: GSSAPI; GSS-SPNEGO;
      1> dnsHostName: srv05.xxx.local;
      1> ldapServiceName: xxx.local:srv05$@xxx.LOCAL;
      1> serverName: CN=SRV05,CN=Servers,CN=Stockholm,CN=Sites,CN=Configuration,DC=xxx,DC=local;
      2> supportedCapabilities: 1.2.840.113556.1.4.800; 1.2.840.113556.1.4.1791;
      1> isSynchronized: TRUE;
      1> isGlobalCatalogReady: FALSE;
-----------
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, 1158); // v.3
      {NtAuthIdentity: User='NULL'; Pwd= <unavailable>; domain = 'NULL'.}
Authenticated as dn:'NULL'.
***Searching...
ldap_search_s(ld, "CN=Schema,CN=Configuration,DC=xxx,DC=local", 2, "(ldapdisplayname=dup*)", attrList,  0, &msg)
Result <0>: (null)
Matched DNs:
Getting 0 entries:
-----------

oki ...That is good.  But now is the question what else can cause the conflict? Or do I have to do anything before I run the adprep /domainprep?

hmmm, are you trying to add R2 server in?

Yes that is correct... A R2 server... As I wrote ive got two Win 2000 servers, one of them with Exchange 2000. It is the Exchange I will replace with this R2 server.

you didnt mention R2 in the question that i can see

try these adprep tools from the second R2 cd
\CMPNENTS\R2\ADPREP

So you mean it is a different Adprep if i will install a R2? I use CD1 and adprep. What is the difference with the adprep on CD2?

you have to run the new adprep tools from the r2 CD, it extends the schema more so or R2 . if you dont then your server will never join

So .. now i used the adprep for R2 but the result is the same.... schema conflict and refeers to Q325379... Any ideas what to do? Have I missed anything?

hmm i have no idea,

put a pointer Q in Windows 2003 TA pointing to this, Netman66 is awesome with this kind of stuff

just give it a minimum value and put a link to here

Now I am trying Scenario 2 in http://support.microsoft.com/?kbid=325379 but it will not work.. (xxx=is my company name)
Any ideas?

--
C:\WINNT\IOP>ldifde -i -f inetorgpersonprevent.ldf -v -c DC=X ("dc=xxx,dc
=local")
Connecting to "srv01.xxx.local"
Logging in as current user using SSPI
Importing directory from file "inetorgpersonprevent.ldf"
Error occured during initialization
File operation failure
0 entries modified successfully.
An error has occurred in the program
--

Checked the spelling on "inetorgpersonprevent.ldf".. Misspelling was the problem.. Corrected and now I am runnig the adprep /forestprep =)

Handersson75,

awesome, i was looking through that link again and again and couldnt see what was missing! had me buggered! haha! ah well at least you going strong now!

Handersson75,

make sure you runt he right adprep /forestprep! (R2) (Grin)