jgantes
asked on
Cannot add Windows 2003 Server as DC to a Windows 2003 Domain that already has two DC's
This one's could get a bit confusing. Overall, I can't add a new Windows Server 2003 machine to an existing 2003 domain (all forest and domain levels are 2003 on all other DC's) because of the following error:
"The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain."
I already ready through the MS KB http://support.microsoft.com/?kbid=278875 and had no luck. The STRANGE thing is that my forrest and domain function levels are all 2003 and have been. Of course I can't run ADPREP if they already at the highest level (I already tried anyway).
The only thing that COULD be confusing this, is the fact that our PDC and BDC (though these terms "technically" don't exist in 2003) were renamed a month ago. Same domain, but new machine names. The NETDOM went fine and we didn't have any errors. I searched the registry and ADSIEDIT.MSC and all items (FRS References, etc) and everything has the new names. Replication is working and both machines act well as DC's when one or the other is offline.
So... I can't figure out why I wouldn't be able to add a new 2003 DC to a 2003 Domain. Once upon a time (6 months back) it was in mixed mode, but they were all promoted and things went OK.
Here's a snipped more from my DCPROMO.LOG:
11/30 21:55:45 [INFO] Installing the Directory Service
11/30 21:55:45 [INFO] Calling NtdsInstall for BRECKGROUP.LOCAL
11/30 21:55:45 [INFO] Starting Active Directory installation
11/30 21:55:45 [INFO] Validating user supplied options
11/30 21:55:45 [INFO] Determining a site in which to install
11/30 21:55:45 [INFO] Examining an existing Active Directory forest
11/30 21:55:45 [INFO] Error - The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain. For more information about using the Adprep, see Active Directory Help. (8467)
11/30 21:55:45 [INFO] NtdsInstall for BRECKGROUP.LOCAL returned 8467
11/30 21:55:45 [INFO] DsRolepInstallDs returned 8467
11/30 21:55:45 [ERROR] Failed to install to Directory Service (8467)
Thanks!
"The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain."
I already ready through the MS KB http://support.microsoft.com/?kbid=278875 and had no luck. The STRANGE thing is that my forrest and domain function levels are all 2003 and have been. Of course I can't run ADPREP if they already at the highest level (I already tried anyway).
The only thing that COULD be confusing this, is the fact that our PDC and BDC (though these terms "technically" don't exist in 2003) were renamed a month ago. Same domain, but new machine names. The NETDOM went fine and we didn't have any errors. I searched the registry and ADSIEDIT.MSC and all items (FRS References, etc) and everything has the new names. Replication is working and both machines act well as DC's when one or the other is offline.
So... I can't figure out why I wouldn't be able to add a new 2003 DC to a 2003 Domain. Once upon a time (6 months back) it was in mixed mode, but they were all promoted and things went OK.
Here's a snipped more from my DCPROMO.LOG:
11/30 21:55:45 [INFO] Installing the Directory Service
11/30 21:55:45 [INFO] Calling NtdsInstall for BRECKGROUP.LOCAL
11/30 21:55:45 [INFO] Starting Active Directory installation
11/30 21:55:45 [INFO] Validating user supplied options
11/30 21:55:45 [INFO] Determining a site in which to install
11/30 21:55:45 [INFO] Examining an existing Active Directory forest
11/30 21:55:45 [INFO] Error - The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain. For more information about using the Adprep, see Active Directory Help. (8467)
11/30 21:55:45 [INFO] NtdsInstall for BRECKGROUP.LOCAL returned 8467
11/30 21:55:45 [INFO] DsRolepInstallDs returned 8467
11/30 21:55:45 [ERROR] Failed to install to Directory Service (8467)
Thanks!
ASKER
Yes, both other DC's are 2003 SP1, the one I'm adding is 2003 R2. I think you've found it... now I need to read to figure out what to do... oh boy this looks long and fun :-(
Is there a short version :-P
Is there a short version :-P
To update the schema, on the schema master domain controller, insert Disc 2 and open the command prompt. Then, change to the Cmpnents\R2\Adprep folder of Disc 2, and type: adprep.exe /forestprep.
Is that short enough? :D
Is that short enough? :D
ASKER
yea... thanks. I just read that. I wonder, could this have any adverse effects on my current domain controllers? I guess their forest functions goes to an "R2" Forest function?
Do I need to do on both my DC's I'm assuming? Sounds risky-- or am I over-reacting.
I found this too... https://www.experts-exchange.com/questions/21988432/Adding-Second-Domain-Controller-Windows-2003-R2-Standard-to-Existing-Small-Business-Server-Standard-2003-Domain.html
Thanks!
Do I need to do on both my DC's I'm assuming? Sounds risky-- or am I over-reacting.
I found this too... https://www.experts-exchange.com/questions/21988432/Adding-Second-Domain-Controller-Windows-2003-R2-Standard-to-Existing-Small-Business-Server-Standard-2003-Domain.html
Thanks!
ASKER
This is really the answer... but I'm still confused... can I simply update the schema on my existing 2003 SP1 DC's or do I have actually upgrade them to R2?
See this article to see what I'm saying....
http://support.microsoft.com/kb/917385
See this article to see what I'm saying....
http://support.microsoft.com/kb/917385
There should be no issues - I believe that you are over-reacting. :D
You should run adprep only on your domain controller which is FSMO holder and the replicate changes to other domain controllers
You should run adprep only on your domain controller which is FSMO holder and the replicate changes to other domain controllers
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks a ton :-)
What's the best way to backup data? Usually I take images, but that seems like overkill in this instance.
What's the best way to backup data? Usually I take images, but that seems like overkill in this instance.
Imaging is not supported backup method for domain controllers. Use Windows Backup, backup everything!
ASKER
NT Backup?
Yes
If your answer is yes: http://technet2.microsoft.com/WindowsServer/en/library/5022eea0-54bc-422f-b98b-ddb836c8ee851033.mspx?mfr=true