Link to home
Start Free TrialLog in
Avatar of Mark Galvin
Mark GalvinFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Adding Windows Server 2008 R2 DC into 2003 domain

I have a Windows 2003 network (AD etc). We have two Windows Server 2003 DC's.

We have purchased 2 new servers and have installed Windows Server 2008 R2 (standard) on them.

I want to add those new servers to the exisiting domain, migrate all services from the 2003 servers to the 2008 servers, decommision the 2003 servers.

I have installed the AD Domain Services Role onto the new DC. When I run the AD DS nstallation Wizard it tells me (rightly so) that I need to run "adprep /forestprep" on the exisiting domain to enable the new 2009 R2 server to be added as DC.

So I run "adprep /forestprep"  on the old server but it reports that:
"Forest-wide information has already been updated.
[Status/Consequence]
Adprep did not attempt to rerun this operation."

Try on the 2008 R2 server but get same error message - loop time!!

Please help!!

Thanks
Mark
ASKER CERTIFIED SOLUTION
Avatar of oBdA
oBdA
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Mark Galvin
Mark Galvin
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Thanks for that! ForestPrep now run all fine. DomainPrep also run fine.

Now trying to run RODCPREP and getting this error:
"Adprep completed with errors. Not all partitions are updated. See the ADPrep.log
 in the C:\WINDOWS\debug\adprep\logs\20111018113553 directory for more informati
on."

Log file:
"[2011/10/18:11:33:33.962]
Adprep created the log file ADPrep.log under C:\WINDOWS\debug\adprep\logs\20111018113333 directory.
[2011/10/18:11:33:33.978]
Adprep connected to the domain FSMO: intlondc01.company.ads.
[2011/10/18:11:33:33.978]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is (null).
[2011/10/18:11:33:33.978]
LDAP API ldap_search_s() finished, return code is 0x0
[2011/10/18:11:33:33.978]
Adprep successfully retrieved information from the local Active Directory Domain Services.
[2011/10/18:11:33:33.978]
Adprep successfully initialized global variables.

[Status/Consequence]

Adprep is continuing.
[2011/10/18:11:33:33.978]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Partitions,CN=Configuration,DC=company,DC=ads.
[2011/10/18:11:33:33.978]
LDAP API ldap_search_s finished, return code is 0x0
[2011/10/18:11:33:33.978]
==============================================================================

Adprep found partition DC=ForestDnsZones,DC=company,DC=ads, and is about to update the permissions.
[2011/10/18:11:33:34.009]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=ForestDnsZones,DC=company,DC=ads.
[2011/10/18:11:33:34.009]
LDAP API ldap_search_s finished, return code is 0x0
[2011/10/18:11:33:34.024]
Adprep could not contact a replica for partition DC=ForestDnsZones,DC=company,DC=ads.
[2011/10/18:11:33:34.024]
Adprep encountered an LDAP error.

Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
[2011/10/18:11:33:34.024]
Adprep failed the operation on partition DC=ForestDnsZones,DC=company,DC=ads. Skipping to next partition.

==============================================================================
[2011/10/18:11:33:34.040]
==============================================================================

Adprep found partition DC=DomainDnsZones,DC=company,DC=ads, and is about to update the permissions.
[2011/10/18:11:33:34.040]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=DomainDnsZones,DC=company,DC=ads.
[2011/10/18:11:33:34.040]
LDAP API ldap_search_s finished, return code is 0x0
[2011/10/18:11:33:34.040]
Adprep could not contact a replica for partition DC=DomainDnsZones,DC=company,DC=ads.
[2011/10/18:11:33:34.056]
Adprep encountered an LDAP error.

Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
[2011/10/18:11:33:34.056]
Adprep failed the operation on partition DC=DomainDnsZones,DC=company,DC=ads. Skipping to next partition.

==============================================================================
[2011/10/18:11:33:34.056]
==============================================================================

Adprep found partition DC=company,DC=ads, and is about to update the permissions.
[2011/10/18:11:33:34.071]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=company,DC=ads.
[2011/10/18:11:33:34.071]
LDAP API ldap_search_s finished, return code is 0x0
[2011/10/18:11:33:34.071]
Adprep connected to the Infrastructure FSMO: intlondc01.company.ads.
[2011/10/18:11:33:34.071]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=company,DC=ads.
[2011/10/18:11:33:34.071]
LDAP API ldap_search_s() finished, return code is 0x0
[2011/10/18:11:33:34.071]
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=company,DC=ads.
[2011/10/18:11:33:34.071]
LDAP API ldap_modify_ext_s() finished, return code is 0x0
[2011/10/18:11:33:34.071]
Adprep successfully modified the security descriptor on object DC=company,DC=ads.

[Status/Consequence]

Adprep merged the existing security descriptor with the new access control entry (ACE).
[2011/10/18:11:33:34.071]
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is DC=company,DC=ads.
[2011/10/18:11:33:34.071]
LDAP API ldap_search_s() finished, return code is 0x0
[2011/10/18:11:33:34.071]
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is DC=company,DC=ads.
[2011/10/18:11:33:34.087]
LDAP API ldap_modify_ext_s() finished, return code is 0x0
[2011/10/18:11:33:34.087]
Adprep successfully modified the security descriptor on object DC=company,DC=ads.

[Status/Consequence]

Adprep merged the existing security descriptor with the new access control entry (ACE).
[2011/10/18:11:33:34.087]
Adprep was about to call the following LDAP API. ldap_modify_s(). The entry to modify is CN=companyADS,CN=Partitions,CN=Configuration,DC=company,DC=ads.
[2011/10/18:11:33:34.087]
LDAP API ldap_modify_s() finished, return code is 0x0
[2011/10/18:11:33:34.087]
The operation on partition DC=company,DC=ads was successful.

==============================================================================
[2011/10/18:11:33:34.103]
Adprep completed with errors. Not all partitions are updated. See the ADPrep.log in the C:\WINDOWS\debug\adprep\logs\20111018113333 directory for more information.



To successfully update all partititions, the current logged on user needs to be a member of Enterprise Admins group.  If that is not the case, please correct the problem, and then restart Adprep."

Any more help would be great.

thanks
Mark
Avatar of Mark Galvin
Mark Galvin
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hi

Forget the above - I dont want a read only dc!!

Thanks!