Avatar of Polymorphexpert
Polymorphexpert
 asked on

Install a new Windows 2003 Server domain controller into a Windows 2000 domain


Please someone assist.
I am trying to setup a new windows 2003 server domain controller into a Windows 2000 domain.
When I go through the process of promoting the Windows 2003 server as a domain controller it fails with the error message:

''The active Directory installation wizard cannot continue because the forest is not prepared for installing Windows server 2003.  Use the adprep command line tool to prepare both the forest and the domain.''

I then went onto the existing windows 2000 domain controller which contains all 5 FSMO roles and run the adprep /forespt and adprep /domainprep commands.

However, this failed with the error message:

''this version of the AD schema is not compatible with the version of AD on this computer.

Therefore, I went on to Microsoft site and saw the article http://support.microsoft.com/kb/324392/en-us.
I obtain the hotifx from microsoft and tried to run the adprep commands again, however it fails with the error message:

''Adprep was unable to extend the schema.  
The schema master did not complete a replication cycle after the last reboot.
The schema master must complete at least one replication cycle before the schema can be updated.''

I went on the windows 2000 DC, into AD Site and Services and forced a replication however it is still failing.

Please can you someone advice what to try next.

Thanks in advance


Windows Server 2003

Avatar of undefined
Last Comment
Jay_Jay70

8/22/2022 - Mon
MidnightOne

Polymorphexpert:

How many DCs do you have on the network in its entirety? How many sites?

MidnightOne
Jeff Beckham

Please see article: http://technet2.microsoft.com/WindowsServer/en/library/ed42abd5-24c7-4b5a-8165-dbd96727ec841033.mspx?mfr=true

The drive the article refers to is that of the R2 CD.
Stephen Manderson

Hi there

Do you have exchange installed on the DC ?

Steve

I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
ASKER CERTIFIED SOLUTION
Jay_Jay70

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Polymorphexpert

ASKER

Hi Jay,

Please find attached a copy of dcdiag:

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.


C:\Documents and Settings\Administrator.FIBRE>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Holywell\UKHWDC02
      Starting test: Connectivity
         ......................... UKHWDC02 passed test Connectivity

Doing primary tests

   Testing server: Holywell\UKHWDC02
      Starting test: Replications
         ......................... UKHWDC02 passed test Replications
      Starting test: NCSecDesc
         ......................... UKHWDC02 passed test NCSecDesc
      Starting test: NetLogons
         ......................... UKHWDC02 passed test NetLogons
      Starting test: Advertising
         ......................... UKHWDC02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Warning: CN="NTDS Settings
DEL:632b3dfd-60f5-455a-8518-11a1ad5e1d90",CN=UKHWDC02,CN=Servers,CN=Holywell,CN=
Sites,CN=Configuration,DC=saffilautomotive,DC=com is the Schema Owner, but is de
leted.
         Warning: CN="NTDS Settings
DEL:632b3dfd-60f5-455a-8518-11a1ad5e1d90",CN=UKHWDC02,CN=Servers,CN=Holywell,CN=
Sites,CN=Configuration,DC=saffilautomotive,DC=com is the Domain Owner, but is de
leted.
         ......................... UKHWDC02 failed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... UKHWDC02 passed test RidManager
      Starting test: MachineAccount
         ......................... UKHWDC02 passed test MachineAccount
      Starting test: Services
         ......................... UKHWDC02 passed test Services
      Starting test: ObjectsReplicated
         ......................... UKHWDC02 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... UKHWDC02 passed test frssysvol
      Starting test: kccevent
         ......................... UKHWDC02 passed test kccevent
      Starting test: systemlog
         ......................... UKHWDC02 passed test systemlog

   Running enterprise tests on : saffilautomotive.com
      Starting test: Intersite
         ......................... saffilautomotive.com passed test Intersite
      Starting test: FsmoCheck
         ......................... saffilautomotive.com passed test FsmoCheck

C:\Documents and Settings\Administrator.FIBRE>dcdiag /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine ukhwdc02, is a DC.
   * Connecting to directory service on server ukhwdc02.
   * Collecting site info.
   * Identifying all servers.
   * Found 2 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: Holywell\UKHWDC02
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... UKHWDC02 passed test Connectivity

Doing primary tests

   Testing server: Holywell\UKHWDC02
      Starting test: Replications
         * Replications Check
         ......................... UKHWDC02 passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=saffilautomotive,DC=com
         * Security Permissions Check for
           CN=Configuration,DC=saffilautomotive,DC=com
         * Security Permissions Check for
           DC=saffilautomotive,DC=com
         ......................... UKHWDC02 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         ......................... UKHWDC02 passed test NetLogons
      Starting test: Advertising
         The DC UKHWDC02 is advertising itself as a DC and having a DS.
         The DC UKHWDC02 is advertising as an LDAP server
         The DC UKHWDC02 is advertising as having a writeable directory
         The DC UKHWDC02 is advertising as a Key Distribution Center
         The DC UKHWDC02 is advertising as a time server
         The DS UKHWDC02 is advertising as a GC.
         ......................... UKHWDC02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN="NTDS Settings
DEL:632b3dfd-60f5-455a-8518-11a1ad5e1d90",CN=UKHWDC02,CN=Servers,CN=Holywell,CN=
Sites,CN=Configuration,DC=saffilautomotive,DC=com
         Warning: CN="NTDS Settings
DEL:632b3dfd-60f5-455a-8518-11a1ad5e1d90",CN=UKHWDC02,CN=Servers,CN=Holywell,CN=
Sites,CN=Configuration,DC=saffilautomotive,DC=com is the Schema Owner, but is de
leted.
         Role Domain Owner = CN="NTDS Settings
DEL:632b3dfd-60f5-455a-8518-11a1ad5e1d90",CN=UKHWDC02,CN=Servers,CN=Holywell,CN=
Sites,CN=Configuration,DC=saffilautomotive,DC=com
         Warning: CN="NTDS Settings
DEL:632b3dfd-60f5-455a-8518-11a1ad5e1d90",CN=UKHWDC02,CN=Servers,CN=Holywell,CN=
Sites,CN=Configuration,DC=saffilautomotive,DC=com is the Domain Owner, but is de
leted.
         Role PDC Owner = CN=NTDS Settings,CN=UKHWDC02,CN=Servers,CN=Holywell,CN
=Sites,CN=Configuration,DC=saffilautomotive,DC=com
         Role Rid Owner = CN=NTDS Settings,CN=UKHWDC02,CN=Servers,CN=Holywell,CN
=Sites,CN=Configuration,DC=saffilautomotive,DC=com
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=UKHWDC02,CN=Serv
ers,CN=Holywell,CN=Sites,CN=Configuration,DC=saffilautomotive,DC=com
         ......................... UKHWDC02 failed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 3160 to 1073741823
         * ukhwdc02.saffilautomotive.com is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 2660 to 3159
         * rIDNextRID: 2672
         * rIDPreviousAllocationPool is 2660 to 3159
         ......................... UKHWDC02 passed test RidManager
      Starting test: MachineAccount
         * SPN found :LDAP/ukhwdc02.saffilautomotive.com/saffilautomotive.com
         * SPN found :LDAP/ukhwdc02.saffilautomotive.com
         * SPN found :LDAP/UKHWDC02
         * SPN found :LDAP/ukhwdc02.saffilautomotive.com/FIBRE
         * SPN found :LDAP/256e03a4-deea-442b-b5cc-d37c9fd7fcef._msdcs.saffilaut
omotive.com
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/256e03a4-deea-442b-b5
cc-d37c9fd7fcef/saffilautomotive.com
         * SPN found :HOST/ukhwdc02.saffilautomotive.com/saffilautomotive.com
         * SPN found :HOST/ukhwdc02.saffilautomotive.com
         * SPN found :HOST/UKHWDC02
         * SPN found :HOST/ukhwdc02.saffilautomotive.com/FIBRE
         * SPN found :GC/ukhwdc02.saffilautomotive.com/saffilautomotive.com
         ......................... UKHWDC02 passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: RPCLOCATOR
         * Checking Service: w32time
         * Checking Service: TrkWks
         * Checking Service: TrkSvr
         * Checking Service: NETLOGON
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         ......................... UKHWDC02 passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         UKHWDC02 is in domain DC=saffilautomotive,DC=com
         Checking for CN=UKHWDC02,OU=Domain Controllers,DC=saffilautomotive,DC=c
om in domain DC=saffilautomotive,DC=com on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=UKHWDC02,CN=Servers,CN=Holywell,CN=Sit
es,CN=Configuration,DC=saffilautomotive,DC=com in domain CN=Configuration,DC=saf
filautomotive,DC=com on 1 servers
            Object is up-to-date on all servers.
         ......................... UKHWDC02 passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service Event log test
         The SYSVOL has been shared, and the AD is no longer
         prevented from starting by the File Replication Service.
         ......................... UKHWDC02 passed test frssysvol
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minut
es.
         ......................... UKHWDC02 passed test kccevent
      Starting test: systemlog
         * The System Event log test
         Found no errors in System Event log in the last 60 minutes.
         ......................... UKHWDC02 passed test systemlog

   Running enterprise tests on : saffilautomotive.com
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope
         provided by the command line arguments provided.
         Skipping site Holywell, this site is outside the scope provided by the
         command line arguments provided.
         ......................... saffilautomotive.com passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\ukhwdc02.saffilautomotive.com
         Locator Flags: 0xe00001fd
         PDC Name: \\ukhwdc02.saffilautomotive.com
         Locator Flags: 0xe00001fd
         Time Server Name: \\ukhwdc02.saffilautomotive.com
         Locator Flags: 0xe00001fd
         Preferred Time Server Name: \\ukhwdc02.saffilautomotive.com
         Locator Flags: 0xe00001fd
         KDC Name: \\ukhwdc02.saffilautomotive.com
         Locator Flags: 0xe00001fd
         ......................... saffilautomotive.com passed test FsmoCheck

C:\Documents and Settings\Administrator.FIBRE>
MidnightOne

Looks like the Shcema Master and Domain Naming Master roles need to be seized to me.

MidnightOne
Jay_Jay70

have you resolved this (going by the fact you accepted an answer)?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.