Solved

adprep for a 2008 r2 server

Posted on 2010-08-26
20
960 Views
Last Modified: 2012-05-10
I have a windows 2008 R2 standard server that I want to dcpromo. When I try I get prompted to run adprep/forest prep. I already have two 2008 servers service pack 2 64bit as dc's along with a windows 2003 server
0
Comment
Question by:jim3725
20 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 33534533
But you don't have any R2 servers!

2008 R2 is DIFFERENT from 2008.  AD is newer.  You need to run ADPREP from the R2 disk (R2 is NOT Service Pack 2; R2 is equivalent to Win7, 2008 (non R2) is equivalent to Vista)
0
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 33534633
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33537314
That is correct like leew said R2 is a different version the Windows 2008 server you need to run adprep32 off the R2 DVD
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:jim3725
ID: 33541147
I currently have 3 dc's , two of them are windows 2008 enterprise service pck2  64bit and the other one is 2003 server, I want to get the 2008 R2 standard server to be a dc, but I can't until I run adprep/forestprep and adprep/domainprep. I have the dvd with the support folder for the 2008 R2 ready. My question is do I have to run it from a dc server and if it's on the 2003 server I run adprep32 or if it's on 2008 server then it's just adprep.. The article is very good , I am just double checking..
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33542303
You need to find out which DC is your schema master

http://www.petri.co.il/determining_fsmo_role_holders.htm

Once you have determined the schema master you run the adprep or adprep32 depending if the server is 32 or 64 bit.
0
 

Author Comment

by:jim3725
ID: 33542473
I have run adprep /forestprep from schema master successfuly along with adprep/domainprep.
I have verify the attribute changes as listed, revision value = 5 and object version 47.
I only have one problem now, I am trying to dcpromo the windows 2008 R2 server and got the following message.  A delegation for this dns server cannot be created because the authoritative parent zone cannot be found or it does not run windows dns server. If you are integrating with an existing DNS infrastructure (which I am) you should manually create a delegation to this dns server in the parent zone to ensure reliable name resolution from outside the domain. Otherwise no action is required. Should I continue??  I already had adds service installed,
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33542520
Yes, you can proceed make sure you are pointing to the existing DNS server for primary in the TCP\IP settings of the new DC until replication as fully taken place.
0
 

Author Comment

by:jim3725
ID: 33542627
I have successfully dc promo the windows 2008 R2 server into my 2003 function domain.
I have one remaining question. I have a remaining 2003 server that I want to demote from being a dc. Once I do this, should I do anyting with the domain/forest functional levels? It is currently at windows server 2003.BTW,  I plan on letting things settle for a few days before demoting this windows 2003 server
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 33542812
Let things settle before demoting later today run dcdiag to check for any errors.

Once you are sure that is working then you can demote the server.

Here is how you raise the levels.

http://www.petri.co.il/raising-windows-server-2008-active-directory-domain-and-forest-functional-levels.htm
0
 

Author Comment

by:jim3725
ID: 33544114
I ran dcdiag and everything passed except the following.
tarting test: NCSecDesc
    Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
       Replicating Directory Changes In Filtered Set
    access rights for the naming context:
    DC=ForestDnsZones,DC=PVH,DC=local
    Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
       Replicating Directory Changes In Filtered Set
    access rights for the naming context:
    DC=DomainDnsZones,DC=PVH,DC=local
    ......................... DC1 failed test NCSecDesc
0
 

Author Closing Comment

by:jim3725
ID: 33544635
Very thorough information
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33545347
The error is just stating you have not preped your domain for RODC servers and it is not required.
0
 

Author Comment

by:jim3725
ID: 33546485
Thanks for your help. I did have an issue on this server after it was dcpromo. I was running Virtual Machine Manager using Microsoft Sql 2005, and now that is not working. It is like a perminssion that is not letting me startup the sql service. Any thoughts on it
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33546602
When you promote a server it disables the local users and computers you need to check the services and users to make sure that you have a domain user with permissions to start the service
0
 

Author Comment

by:jim3725
ID: 33546761
I will verify it, thanks darisug
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33546772
Just to add if you add a domain user you need to go to the Domain Controller Group Policy to add the user to be able to logon as a service.
0
 

Author Comment

by:jim3725
ID: 33557324
The Sql server vmm service is using network service to logon.
0
 

Author Comment

by:jim3725
ID: 33557449
I get an error message of The SQL Server $VmM$ service terminated with service-specific error 17113
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33557913
Open another question.

I am not for sure but this seems to be a permissions issue. SQL should be running under an account
0
 

Author Comment

by:jim3725
ID: 33558635
thanks , I believe sql was using a local acct prior to dc promo. I will try using another account, and i will post a new question if need be.. thanks for all your help
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question