Solved

2008 adprep /domainprep

Posted on 2011-03-22
9
603 Views
Last Modified: 2012-05-11
I am attempting to move from a hosed up SBS 2000 domain to 2008 standard.  Am I going to affect logins or password policies by running 2008 adprep /domainprep and other adprep commands?  Trying to do this as seamless as possible.  At what point will password policy come into play.  I know 2008 uses complex passwords, not sure how it will affect existing users?
0
Comment
Question by:marty-240
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 21

Expert Comment

by:Joseph Moody
Comment Utility
You should be fine. Complex passwords are not configured by default.
0
 
LVL 4

Accepted Solution

by:
philetaylor earned 167 total points
Comment Utility
the ADPREP /forestprep and /domainprep merely modify the AD schema to allow it to accept 2008 domain controllers, no changes are made to password policies etc.

Cheers

Phil
0
 

Author Comment

by:marty-240
Comment Utility
Sorry, I wasn't clear on this part of the question.
 During the upgrade process, at what point will password policy come into play?
0
 
LVL 21

Assisted Solution

by:Joseph Moody
Joseph Moody earned 167 total points
Comment Utility
It won't until you decide to implement complex password policies. An upgrade will use your exact same basic password policy.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 76

Expert Comment

by:arnold
Comment Utility
An upgrade of a hosed AD will get you to a hosted AD with newer interfaces.
I.e. if you have a clunker, putting new paint on it will not change it.

Could you elaborate what you mean that you have a "hosed" SBS 2000 AD.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 166 total points
Comment Utility
The password policy will take effect immediately for new users,  however any existingnusers will not be forced to use a complex password until their current password expires and must be changed - at that point a complex password must be used
0
 

Author Comment

by:marty-240
Comment Utility
Domain has 3 DC's(sbs only allows for one), primary dc had crashed and an attempt made at reinserting it into the domain, exchange no longer in use or SQL.  A mess I inherited and we are moving away from.  Attempting to upgrade domain to an 08 domain, establish trusts with the new domain so the move will be less painful as users are moved away from resources, until resources can be moved too.  SBS does not allow trusts.
0
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
SBS can have as many DCs as you want - its not limited to one !
So long as the SBS machine has all the FSMO roles.

As I pointed out earlier SBS does not allow more than one domain (or trusts)
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
Sine you have 2 other functional DC, you can use ntdsutils to sieze FSMO, RID and schema master roles.
restoring your domain to a functional level, note that the FAILED SBS must never be joined back without a reinstall if at all.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Just about everyone has an old PC laying around.  Ask anyone in the IT industry, whether they are a professional or play in it as a hobby.  From outdated Desktops to cheap "throwaway" laptops, they are all around and not as hard to "fix up" as you m…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now