dgpsmart
asked on
How do I troubleshoot errors in adprep /forestprep
When running adprep32 /forestprep to ready a 2003 forest for a 2008 upgrade we receive this error.
Opened Connection to <servername>
SSPI Bind succeeded
Current Schema Version is 30
Upgrading schema to version 47
Connecting to "servername"
Logging in as current user using SSPI
Importing directory from file "C:\WINDOWS\system32\sch31 .ldf"
Loading entries................... .......... .......... .......... .......... ......
.......................... .......... .......... .......
Add error on line 2044: Unwilling To Perform
The server side error is "Schema update failed: class in aux-class list does not exist or is not in auxiliary class."
117 entries modified successfully.
An error has occurred in the program
ERROR: Import from file C:\WINDOWS\system32\sch31. ldf failed. Error file is saved in ldif.err.31.
Any Ideas??
Opened Connection to <servername>
SSPI Bind succeeded
Current Schema Version is 30
Upgrading schema to version 47
Connecting to "servername"
Logging in as current user using SSPI
Importing directory from file "C:\WINDOWS\system32\sch31
Loading entries...................
..........................
Add error on line 2044: Unwilling To Perform
The server side error is "Schema update failed: class in aux-class list does not exist or is not in auxiliary class."
117 entries modified successfully.
An error has occurred in the program
ERROR: Import from file C:\WINDOWS\system32\sch31.
Any Ideas??
look in the debug\adprep\logs folder, any more info in the logs there?
Hi dgpsmart,,
Try running a dcdiag and netdiag to see if you receive errors. Maybe you have errors to address before a 2008 upgrade.
Try running a dcdiag and netdiag to see if you receive errors. Maybe you have errors to address before a 2008 upgrade.
First question,do you have exchange server in your environment & if yes is it installed on the DC only?
Second, is your schema has been modifed for any application,is yes then that can be problem too,which can see from your post.
Mike has given you the path where you get log of Adprep,check, if there is any help.
Second, is your schema has been modifed for any application,is yes then that can be problem too,which can see from your post.
Mike has given you the path where you get log of Adprep,check, if there is any help.
ASKER
rmrustice: I have gone over the information in the articles and verified all.
mkline71: Attached are the log files all can be opened with notepad or other text editor. I also included Line2044ofSch31.ldf.txt. This is the section of sch31.ldf that seems to not want to update.
g00se: I ran both commands and all seems to pass just fine
Awinish: There has never been an Exchange server in this Forest or Domain as far as I know. There may have been one in a domain that had a trust with this one some years ago.
Additional Information: Virus software has need disabled, WINS service has been unistalled, We do not use MS DNS,
adprep.log
ldif.err.31.txt
ldif.log.txt
Line2044ofSch31.ldf.txt
schupgr.log.txt
mkline71: Attached are the log files all can be opened with notepad or other text editor. I also included Line2044ofSch31.ldf.txt. This is the section of sch31.ldf that seems to not want to update.
g00se: I ran both commands and all seems to pass just fine
Awinish: There has never been an Exchange server in this Forest or Domain as far as I know. There may have been one in a domain that had a trust with this one some years ago.
Additional Information: Virus software has need disabled, WINS service has been unistalled, We do not use MS DNS,
adprep.log
ldif.err.31.txt
ldif.log.txt
Line2044ofSch31.ldf.txt
schupgr.log.txt
Don't post the result on screen, just attach the below result.
DCDIAG /V /C /D > C:\Dcdiag.txt
I hope you are running adprep /forestprep on schema master role & serve ris recognised as SChema master.
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/03/02/transitioning-your-active-directory-to-windows-server-2008.aspx
Can you verify
You can see when the last modification to the schema was performed from ADSIedit.
Open up the Schema naming context and then get properties on CN=Schema,CN=Configuration ,DC=yourdo main,dc=co m. Specific interest would be the attributes modifyTimeStamp and objectVersion.
Check to see if the objectVersion is the same on the isolated DC as on the production DCs. The objectVersion on a schema that has had the 2003 additions applied is 30.
DCDIAG /V /C /D > C:\Dcdiag.txt
I hope you are running adprep /forestprep on schema master role & serve ris recognised as SChema master.
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/03/02/transitioning-your-active-directory-to-windows-server-2008.aspx
Can you verify
You can see when the last modification to the schema was performed from ADSIedit.
Open up the Schema naming context and then get properties on CN=Schema,CN=Configuration
Check to see if the objectVersion is the same on the isolated DC as on the production DCs. The objectVersion on a schema that has had the 2003 additions applied is 30.
ASKER
Awinish: Thanks for your input. I ran the dcdiag that you noted and found 4 errors,
1. The ismserv service was not running
2. there was an orphaned frs member
3. It failed doing lookups on our secondary name server. Since we do not have that secondary DNS server in this development enviornment I removed the entry from the network interface.
I resolved the orphaned frs object.
Before I could do that I had to repair or register the dll for adsiedit because it was broke.
Now the dcdiag test has no failures in it. Is there anything specific you want to know. It contains a lot to network and domain information I do not want to share.
1. The ismserv service was not running
2. there was an orphaned frs member
3. It failed doing lookups on our secondary name server. Since we do not have that secondary DNS server in this development enviornment I removed the entry from the network interface.
I resolved the orphaned frs object.
Before I could do that I had to repair or register the dll for adsiedit because it was broke.
Now the dcdiag test has no failures in it. Is there anything specific you want to know. It contains a lot to network and domain information I do not want to share.
ASKER
Let's focus our attention to SFU This may have been installed and used at one time. Any thoughts there
If everything has come up clean,try running adprep & yes may be i wanted to see the log & don worry we are all professional & we do understand,so replace yoour domain name to something abc.com
You need to check when & what are the purpose & you need to remove to update the schema else it will not allow.
You need to check when & what are the purpose & you need to remove to update the schema else it will not allow.
ASKER
Here is the DcDiag.txt File. We hope to open a support case with Microsoft today but if there is anything you can do to help. Thanks
DcDiag.txt
DcDiag.txt
The dcdiag is clean apart from DNS server: 137.150.144.10 (<name unavailable>) which is listed in the test.
If there is modification in schema,i can't do much as schema is sensitive & handled with care,so opening case with MS PSS is good solution & i would be interested in knowing the solution provided.
If there is any modification done in schema, then there are specialist in MS who does this job,so lets see the outcome.
If there is modification in schema,i can't do much as schema is sensitive & handled with care,so opening case with MS PSS is good solution & i would be interested in knowing the solution provided.
If there is any modification done in schema, then there are specialist in MS who does this job,so lets see the outcome.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks to everyone for your help
ASKER
Microsoft Support Solved the Problem
Prepare a Windows 2000 or Windows Server 2003 Forest Schema for a Domain Controller That Runs Windows Server 2008 or Windows Server 2008 R2
http://technet.microsoft.com/en-us/library/cc753437(WS.10).aspx
How to migrate your Active Directory Domain to Windows Server 2008
http://www.biztechmagazine.com/article.asp?item_id=324
Make sure you have raised the domain functional level to Windows 2000 native or Windows 2003 and that you are running under the correct user rights (group membership and stuff).