adprep ldap errors

Posted on 2012-09-17
Last Modified: 2012-09-18
I am trying to upgrade my active directory scheme from a windows 2003 version to support a windows 2008 R2 server.

When I run adprep /domainprep, I receive the following error:

Adprep encountered an LDAP error.
Error code: 0x20. Server extended error code: 0x208d, Server error message: 0000
208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:

From what little I can tell about the error, Ldap is looking for a domain controller (or record) that does not exist.  The domain controller in question (GCS) was forcibly removed from the domain after a catastrophic failure of the host.  The "metadata cleanup" procedures were used to remove this domain controller from the domain.

My Guess is that the bad domain controller has not been completely removed from the domain.  How do I cleanup / repair the domain so that the adprep command will run successfully?

Matthew Davis
Question by:AD-Novice
    LVL 57

    Expert Comment

    by:Mike Kline
    Is your 2003 box 32 bit or 64 bit?



    Author Comment

    The 2003 box is 64 bit
    LVL 59

    Expert Comment

    by:Darius Ghassem
    You need to run metadata cleanup again

    Make sure you have deleted all DNS records for this failed DC including any SRV records

    You need to used adprep32 as well when upgrade schema

    Make sure all fsmo roles are on a functioning DC as well
    LVL 18

    Accepted Solution

    @ dariusg :- He is using Windows 2003 X64 so there is no need to use adprep32 ..

    Author:- Please Use below link to completely remove the dead DC from domain Also make sure you have the user ID have Schema admin and enterprise admin rights on Domain

    Check if all FSMO's are on your functional DC use netdom query fsmo to check and if you find any roles on dead DC seize them to working DC using below link

    Metadata cleanup:

    Seize FSMO role:
    LVL 59

    Expert Comment

    by:Darius Ghassem
    Totally missed the 64-bit part

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
    Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
    This tutorial will give a short introduction and overview of Backup Exec 2014 and the additional features that have been added over its predecessor Backup Exec 2012. As with Backup Exec 2012, the Backup Exec button in the upper left corner. From her…
    This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now