Adding Server 2003 DC to 2000 Domain

Posted on 2006-06-08
Last Modified: 2012-05-05
We currently have a Windows 2000 Domain, and I wanted to see what risks if any there were into adding a Server 2003 domain controller. Also, do I need to do anything before adding it?

The reason for adding a 2k3 controller is to serve as a radius server for wireless clients.

Thanks, Mike.
Question by:OpTiCz
    LVL 70

    Accepted Solution


    Hi Mike,

    You have to update the Schema before you can promote a 2003 Server to a DC in a Windows 2000 Domain. You should always always take a full system state backup before letting things play with the Schema. That said, this has been done a great deal and I've never seen it cause a problem - so the backup is one of those better safe than sorry things.

    There are two things that need to be done:

    First on your Schema Master insert the Windows 2003 CD then (from the command line) head over to the i386 Folder then run ADPrep /ForestPrep.

    It's best to wait a little after that's done to make sure it has time to replicate changes everywhere, so give it an hour then head over to your Infrastructure Master and again pop the 2003 CD in and run ADPrep /DomainPrep.

    If you have a lot of child domains then DomainPrep would need to be done for each Child Domain (but it sounds like you only have one so you shouldn't need to worry about that).

    Finally if you're not sure where your roles are you can try this:

    netdom query fsmo

    If that doesn't work do:

    Start, Run, ntdsutil, then at the prompt type:
    Connect To Server <Name Of A DC>
    Select Operation Target
    List Roles For Connected Server

    And it'll tell you where all 5 of the roles are that way.


    LVL 11

    Assisted Solution

    Hi OpTiCz,
    there are no real risks, if you follow the right guidelines, you'll instead see some improvements in AD management. (For example, the fact you'll be able to create Group Policies in test mode and to use command lines management tools for AD).
    Remember that you have to run adprep /forestprep and /domainprep using the adprep.exe of the Windows 2003 CD (not the previous one):
    Have a bit more defensive approach, if you have Exchange 2000 in your forest:

    LVL 48

    Assisted Solution

    Hi OpTiCz,

    with windows 2003 R2 (release 2) you will need to run the adprep tools from the second cd supplied in the 2 cd set!


    you can also download here

    this boosts the schema up to cope with R2 functionality

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
    On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now