Solved

2008 adprep /domainprep

Posted on 2011-03-22
9
634 Views
Last Modified: 2012-05-11
I am attempting to move from a hosed up SBS 2000 domain to 2008 standard.  Am I going to affect logins or password policies by running 2008 adprep /domainprep and other adprep commands?  Trying to do this as seamless as possible.  At what point will password policy come into play.  I know 2008 uses complex passwords, not sure how it will affect existing users?
0
Comment
Question by:marty-240
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 35193185
You should be fine. Complex passwords are not configured by default.
0
 
LVL 4

Accepted Solution

by:
philetaylor earned 167 total points
ID: 35193232
the ADPREP /forestprep and /domainprep merely modify the AD schema to allow it to accept 2008 domain controllers, no changes are made to password policies etc.

Cheers

Phil
0
 

Author Comment

by:marty-240
ID: 35193294
Sorry, I wasn't clear on this part of the question.
 During the upgrade process, at what point will password policy come into play?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 167 total points
ID: 35193302
It won't until you decide to implement complex password policies. An upgrade will use your exact same basic password policy.
0
 
LVL 78

Expert Comment

by:arnold
ID: 35193566
An upgrade of a hosed AD will get you to a hosted AD with newer interfaces.
I.e. if you have a clunker, putting new paint on it will not change it.

Could you elaborate what you mean that you have a "hosed" SBS 2000 AD.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 166 total points
ID: 35193629
The password policy will take effect immediately for new users,  however any existingnusers will not be forced to use a complex password until their current password expires and must be changed - at that point a complex password must be used
0
 

Author Comment

by:marty-240
ID: 35193818
Domain has 3 DC's(sbs only allows for one), primary dc had crashed and an attempt made at reinserting it into the domain, exchange no longer in use or SQL.  A mess I inherited and we are moving away from.  Attempting to upgrade domain to an 08 domain, establish trusts with the new domain so the move will be less painful as users are moved away from resources, until resources can be moved too.  SBS does not allow trusts.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 35194066
SBS can have as many DCs as you want - its not limited to one !
So long as the SBS machine has all the FSMO roles.

As I pointed out earlier SBS does not allow more than one domain (or trusts)
0
 
LVL 78

Expert Comment

by:arnold
ID: 35194909
Sine you have 2 other functional DC, you can use ntdsutils to sieze FSMO, RID and schema master roles.
restoring your domain to a functional level, note that the FAILED SBS must never be joined back without a reinstall if at all.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question