boyerm25
asked on
adprep /rodcprep errors
I'm trying to install a Server 2008 DC into our domain. All the current DCs are running Server 2003, so I am trying to prepare the domain to accept a 2008 DC. The forestprep and domainprep ran successfully. When I try to run adprep /rodcprep on the current DC that has the FSMO roles, I get the errors below. I have already tried the script in this MS KB article:
http://support.microsoft.com/kb/949257
The FSMO roles all appear to be assigned correctly, and when I went back through another metadata cleanup process, I didn't find anything that needed to be removed. Any suggestions for where to go from here would be greatly appreciated, as I am far from being an AD expert.
---------------
Adprep connected to the domain FSMO: 2701print.nstarmpls.mds.
==========================
Adprep found partition DC=DomainDnsZones,DC=nstar
Adprep could not contact a replica for partition DC=DomainDnsZones,DC=nstar
Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
Adprep failed the operation on partition DC=DomainDnsZones,DC=nstar
Skipping to next partition.
==========================
==========================
Adprep found partition DC=ForestDnsZones,DC=nstar
Adprep could not contact a replica for partition DC=ForestDnsZones,DC=nstar
Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
Adprep failed the operation on partition DC=ForestDnsZones,DC=nstar
Skipping to next partition.
==========================
Adprep detected the operation on partition DC=nstarmpls,DC=mds has been performed. Skipping to next partition.
==========================
Adprep completed with errors. Not all partitions are updated. See the ADPrep.log
in the C:\WINDOWS\debug\adprep\lo
To successfully update all partititions, the current logged on user needs to be a member of Enterprise Admins group. If that is not the case, please correct the problem, and then restart Adprep.
http://support.microsoft.com/kb/949257
The FSMO roles all appear to be assigned correctly, and when I went back through another metadata cleanup process, I didn't find anything that needed to be removed. Any suggestions for where to go from here would be greatly appreciated, as I am far from being an AD expert.
---------------
Adprep connected to the domain FSMO: 2701print.nstarmpls.mds.
==========================
Adprep found partition DC=DomainDnsZones,DC=nstar
Adprep could not contact a replica for partition DC=DomainDnsZones,DC=nstar
Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
Adprep failed the operation on partition DC=DomainDnsZones,DC=nstar
Skipping to next partition.
==========================
==========================
Adprep found partition DC=ForestDnsZones,DC=nstar
Adprep could not contact a replica for partition DC=ForestDnsZones,DC=nstar
Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
Adprep failed the operation on partition DC=ForestDnsZones,DC=nstar
Skipping to next partition.
==========================
Adprep detected the operation on partition DC=nstarmpls,DC=mds has been performed. Skipping to next partition.
==========================
Adprep completed with errors. Not all partitions are updated. See the ADPrep.log
in the C:\WINDOWS\debug\adprep\lo
To successfully update all partititions, the current logged on user needs to be a member of Enterprise Admins group. If that is not the case, please correct the problem, and then restart Adprep.
ASKER
Yes, I have already looked at that KB article (please see original post for more details). We may be deploying RODCs, as we have several domain controllers in branch offices.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
See if this helps as well.
http://bsmith9999.blogspot.com/2008_08_01_archive.html
http://bsmith9999.blogspot.com/2008_08_01_archive.html
ASKER
DCDiag led me to some FRS errors on one of my branch office domain controllers. I've fixed those. I also realized that I may not have run the script from the MS article on both of the partitions that were showing up in my errors, so I ran it again. I'm now giving everything some time to replicate and I'll see what happens then.
ASKER
Ok, after giving it a couple of hours to replicate, it all works now. Thanks for the suggestions!
Out of curiosity are you planning to deploy RODCs?
thanks
Mike