adprep error on new 2003 server in 2000/2003 domain.

Posted on 2007-03-23
Medium Priority
Last Modified: 2011-10-03
I am trying to install AD on a new 2003 server in my 2000/2003 domain and am getting an error from the AD install wizard.  I have already run adprep /forestprep and /domainprep on the 2000 PDC (with FSMO roles) successfully.

Then error is:
"The version of the Active Directory schema of the source forest is not compatible with the version of Active Directory on this computer"

I have 3 2000 domain controllers.  The new 2003 server would be the first 2003 DC.
Question by:mchad65
  • 7
  • 6
LVL 30

Accepted Solution

LauraEHunterMVP earned 2000 total points
ID: 18782623
Are you attempting to add a 2003 R2 server?  You need to run the version of adprep that's on Disc 2 of the R2 media:


Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking

Author Comment

ID: 18782739
That's probably it.  Thanks.

Running now.  Will advise.

Author Comment

ID: 18782776
Worked.   Thanks very much!
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

LVL 58

Expert Comment

by:Pete Long
ID: 18782802
MVP Windows Server Networking ! I've finally met another one :) Hello Laura :)

I know the Qurestion is closed but heres my usuall "Pre Flight check list"

Domain Upgrade from 2000 to 2003

Before you start

1. As far ahead as possible Set your DNS zones to scavenge and remove stale records ? so by the time you upgrade you will be working on a ?clean? version of DNS.
2. Before you even start - check the event logs of all the domain controllers and make sure that everything is fine.
3. Upgrade all 2000 Servers to SP4 (if they are below SP3 then things WILL break horrifically so put SP4 and all the latest updates on each Domain controller.)
4. If you haven't already done so install the 2000 support tools on each DC and run netdiag and dcdiag (cd \support\tools\setup.exe) when all domain controllers report no errors on dcdiag and netdiag, go to control panel > ?add remove programs? and uninstall the ?Windows 2000 support tools?
5. Make sure that the hardware you are going to put 2003 on is supported. http://www.microsoft.com/windows/catalog/server/ 
6. Make sure all the software that runs on servers to be upgraded is supported on Windows 2003 (by contacting the vendors).
7. Unistall WInzip 8.1 from any server if its installed.

Does the Existing Domain have Exchange 2000?

If it does STOP and do the following

1. On a domain controller
2. Start > Run > regsvr32 schmmgmt.dll {enter} > OK
3. Start > run > mmc {enter}.
4. File > Add / Remove Snap-In > Add > Active Directory Schema > Add Close > OK
5. Right Click ?Active Directory Schema? > Operations Master.
6. Take note of which server is the schema master
7. Tick the box that says ?The schema may be modified on this domain controller?
8. Go to the schema master, and log on (as a member of the schema administrators group)
9. Start > run > notepad.exe
10. Copy and paste the following (NOTE copy everything and make sure there are NO spaces afterwards {the last character is a hyphen on its own)

dn: CN=ms-Exch-Assistant-Name,CN=Schema,CN=Configuration,DC=X
changetype: Modify
LDAPDisplayName: msExchAssistantName

dn: CN=ms-Exch-LabeledURI,CN=Schema,CN=Configuration,DC=X
changetype: Modify
replace: LDAPDisplayName
LDAPDisplayName: msExchLabeledURI

dn: CN=ms-Exch-House-Identifier,CN=Schema,CN=Configuration,DC=X
changetype: Modify
replace: LDAPDisplayName
LDAPDisplayName: msExchHouseIdentifier

changetype: Modify
add: schemaUpdateNow
schemaUpdateNow: 1

11. Save as \%userprofile%\InetOrgPersonPrevent.ldf set the ?save as type? to ?all files? and set the encoding to ?Unicode?
12. Start > run cmd {enter}
13. cd %userprofile% {enter}
14. ldifde -i -f inetorgpersonprevent.ldf -v -c DC=X "dc=coniston,dc=co,dc=uk" {obviously change the domain name accordingly)


Performing the upgrade.

1. Pop in the CD and run d:\i386\winnt32.exe /checkupgradeonly
2. If you have the FAX service running on any DC stop and disable it.
3. Make sure your system is backed up (that?s system state too! And it?s a good idea to make some recovery disks?)
4. Clear down all the event logs reboot everything and recheck the logs.
5. Go to the Schema Master server and run ?adprep /forestprep? without the quotes.

NOTE with Server 2003 R2 adprep is on the SECOND CD in the \cmpnents\r2\adprep directory.

6. It will take a while to run and the network will slow down while it does.
7. When its finished locate your infrastructure master server, (run active directory users and computers > right click the domain > operations masters > infrastructure)
8. Go to the infrastructure master server and run ?adprep /domainprep?
9. This runs quite quickly, when its finished run ?adprep /domainprep /gpprep?
10. Wait for full active directory replication to occur. Force replication if needs be but DON?T do anything for at least half an hour ? longer if it?s a client with a lot of sites)
11. (Read Note Below) If your upgrading a 2000 server pop in the CD and follow the onscreen prompts,

NOTE seize the PDC Emulator role to this Server BEFORE you start, if your upgrading multiple machines then upgrade the Domain naming master and the RID Master.
12. If your putting in a new server build it and join it to the domain then start > run > dcpromo {enter} follow the onscreen prompts.
13. When done check all the event logs.
14. Reinstall the support tools from the 2003 CD
15. Remove the i386 directory form any upgraded server and replace with the 2003 i386 directory from the CD.LauraEHunterMVP said:
>>Laura E. Hunter - Microsoft MVP: Windows Server - Networking

Author Comment

ID: 18782969
Might I ask one more question?

I am about to transfer FSMO roles to the new 2003 DC, from the existing 2000 server.  When complete, I intend to rename the 2003 server to the name of the 2000 server and assign it's ip address as well (obviously after demoting it and renameing it)

Is that ok to do?

LVL 58

Expert Comment

by:Pete Long
ID: 18784857
Why do you want to do this? is it simply because yuou have drive mapping etc - if that is the case the simpler mehod is to rename the OLd DC then create some DNS records that point the old name to the new server?

Author Comment

ID: 18785025
It is partially that, but mostly because the old server is, well, old...  And starting to show it's age.  A power supply went bad two weeks ago, a cooling fan a month before that...  Not long before other things start going bad I think.  It needs to be reliable.  It is 8 years old and needs to be retired.  (Not to mention a Xeon 733mhz)

Why wouldn't I want to replace it?  I already trasferred over all of it's roles, FSMO, DNS, DHCP, WINS, and next weekend I'll be moving all the shares.

Once I rename and change the ip, all I need to do is demote the old server to a member and remove, correct?

LVL 58

Expert Comment

by:Pete Long
ID: 18785271
Stop! While changing a domain controllers name is permissable if the domain and forest funtional level are both at 2003 Native - I would not recomment it, by all means ditch the old 2000 server BUT dont rename the 2003 box while its a sole domain controller. (of course if you have more than one DC (not counting the old 2000 server) you can demote it change its name and repromote it)

if the old 2000 server was called Server1 demote it change its name to oldserver and create an A (Host Record) in DNS called Server1 and point it to the NEW servers IP address.

Author Comment

ID: 18785347
I actually have 2 other win2000 DC's.  Two in our office (including the one about to be replaced) and one in our data center (connected by a T3 bridge), So I think I am ok to rename the new server once the old server is demoted and removed, right?  Then, you mention demoting and renameing the new server...  Why do I need to demote it to rename it?  If I demote it, then do I have to install AD and FSMO roles again? (I hope not)

Thanks (you deserve some points for all this...)
LVL 58

Expert Comment

by:Pete Long
ID: 18787794
I never rename a domain controller while its a domain controller - It can onlt be done succesfully if the forest and domain funtional levels are 2003 Native.

>>I actually have 2 other win2000 DC's.

This means you cant be at 2003 Native - Only rename member servers not domain controllers. hence my comments about demoting it

>>demote it, then do I have to install AD and FSMO roles again

This is about 10 minutes work?

Author Comment

ID: 18787999
Yes, it's not too much work, I just want to be sure.  Once I deomte it, will the FSOM roles will be transferred to one of the existing 2000 servers automatically, or should I do it manually befoe I demote?  I can leave DNS, DHCP and WINS alone, correct?  

Thanks again.

(or I guess I could leave everything alone and deal with the shares in DNS, but I still would prefer consistancy in my naming scheme)
LVL 58

Expert Comment

by:Pete Long
ID: 18788078
I manually transfer the roles - before I demote, theoretically they should be transferred during DCpromo but Ive never risked it:)


Author Comment

ID: 18788432
Still easy enough.

Thanks for all your unrewarded help...
LVL 58

Expert Comment

by:Pete Long
ID: 18788709
no probs :)

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
You have missed a phone call. The number looks like it belongs to the bunch of numbers which your company uses. How to find out who has just called you?
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question