Solved

Add Domain controller: first prepare the domain using "adprep/domainprep"

Posted on 2010-09-24
6
1,289 Views
Last Modified: 2012-05-10
Hello everyone

In a environment we have a Domain controller that is Windows Server 2008 and the second DC is Windows Server 2003 R2. The actual function level of the AD was first Windows 2000 native. Now we want to add a additional DC with Windows Server 2008 R2. When I want to add him as a "additional Server in a existing domain" the message occurs "to install a domain controller into this AD Domain, you must first prepare the domain using "adprep/domainprep". After this error occurs we prepaired the domain to using Windows 2003 function level and raised  the function level successfully to Windows 2003.

After that when we want to re-add the new DC the error still occurs.

Do you know what's the problem?

Thanks for your help.
0
Comment
Question by:axega
6 Comments
 
LVL 4

Expert Comment

by:HunterPine
ID: 33753958
On your Windows 2008 R2 DVD is an executable called adprep (and adprep32 if I remember correctly).

Copy that directory to one of your DCs and run the application with the /domainprep switch. You may also have to run it with the /forestprep switch to add the server.
0
 
LVL 4

Expert Comment

by:JP64
ID: 33754022
Hi,

see below for instructions as found on the technet website:

Prepare your Active Directory® environment with Windows Server 2008 R2 updates. Before you add a domain controller that is running Windows Server 2008 R2 to an Active Directory forest or upgrade an existing domain controller to Windows Server 2008 R2, run Adprep.exe from the Windows Server 2008 R2 media on your existing domain controllers to prepare your domain and forest.

To do this, use the following procedures. If you are performing an unattended installation, perform this step before you install the operating system. Otherwise, you will need to do this after you run Setup and before you install Active Directory Domain Services.

To prepare a forest


1.Log on to the schema master as a member of the Enterprise Admins, Schema Admins, or Domain Admins group.


2.Copy the contents of the \support\adprep folder (note the new location) from the Windows Server 2008 R2 installation DVD to the schema master role holder.


3.Open a Command Prompt window, navigate to the Adprep folder, and run adprep /forestprep.


4.If you plan to install a read-only domain controller (RODC), run adprep /rodcprep.


5.Allow the operation to complete and the changes to replicate before performing the next procedure.


To prepare a domain

Perform this procedure for each domain where you want to install a domain controller that runs Windows Server 2008 R2.


1.Log on to the infrastructure master as a member of the Domain Admins group.


2.Copy the contents of the \support\adprep folder (note the new location) from the installation DVD to the infrastructure master role holder.


3.Open a Command Prompt window, navigate to the Adprep folder, and run adprep /domainprep /gpprep.


4.Allow the operation to complete and the changes to replicate.


After completing these steps, you can add domain controllers that are running Windows Server 2008 R2 to the domains you have prepared.

The adprep command extends the schema, updates default security descriptors of selected objects, and adds new directory objects as required by some applications. For more information about adprep, see http://go.microsoft.com/fwlink/?linkid=50439.

For the full page goto:
http://technet.microsoft.com/en-us/library/dd379511(WS.10).aspx

Kind regards,

JP

0
 
LVL 6

Expert Comment

by:TarekIsmail
ID: 33754943
you can not add windows 2008 R2 domain controller to your current domain without update the schema with windows 2008 R2.

you have to use Adprep32.exe, or Adprep.exe located in your windows 2008 R2 in  the \support\adprep folder.

In Windows Server 2008 R2, Adprep is available in a 32-bit version and a 64-bit version. The 64-bit version runs by default. If you need to run Adprep on a 32-bit computer, run the 32-bit version (Adprep32.exe).

You must run adprep from an elevated command prompt. To open an elevated command prompt, click Start, right-click Command Prompt, and then click Run as administrator.

run the following commands :

adprep /forestprep
adprep /domainprep

if you will install RODC you need to run the command below
adprep /rodcprep
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33755979
0
 

Accepted Solution

by:
axega earned 0 total points
ID: 33787589
there was a problem with the installed Windows 2003 R2 DC. now I demoted it to a Member Server, rerun adprep and the problem is solved. Thanks your help!!
0
 
LVL 6

Expert Comment

by:TarekIsmail
ID: 33820669
good answer from axega, he just use what we said to him but in his words!!!!!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question