Please double check my AD prep steps

Posted on 2013-09-24
Medium Priority
Last Modified: 2013-09-24
We are currently running a 2003 R2 forest/domain function level with exchange 2010. We are looking to perform the ADprep for 2008 R2. We will not be changing the function level just yet but we want to run the ADprep to enable some of the newer features.

We are a single forest with one domain and a child domain (company.com and dmz.company.com)

Below are the steps I am planning on running.
1. adprep /forestprep on operations master
2. adprep /domainprep on infrastructure master in company.com and dmz.company.com

1. We are not planning on running and read only DCs so I believe I can skip adprep /rodcprep
2. Im not entirely sure if I need to run adprep /domainprep /gpprep if so when should this be run?

Anything else to look out for?
Question by:Joseph Daly
LVL 61

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 1000 total points
ID: 39517865
All of the answers you seek are here:


But to summarize:

1) As the article states /rodcprep is optional.
2) /domainprep /gpprep must be run on each domain infrastructure master, just like /domainprep is. With that said, as the article states, it does not need to be run if you have already run it once for 2003. Since you are at the 2003 functional level, one could *assume* you have, but I don't like to assume.

With all of that said, there is no harm in running commands more than once. So I take the "when it doubt" path. Simply run all the required commands, and if some are unnecessary, it took a full 3 extra seconds of my time (per domain, which with 2, is a whole whopping 6 seconds.)

Hope that helps.
LVL 57

Accepted Solution

Mike Kline earned 1000 total points
ID: 39517897
A few things;

 adprep /forestprep on operations master  >> You want to run forestprep on your schema master

I'd still run /rodcprep just in case you want to add them in the future

Are your current 2003 boxes 32 bit or 64 bit.  If they are 32 bit use adprep32

When you are done you will be at schema version 47   http://adisfun.blogspot.com/2013/06/windows-server-2012-r2-preview-schema.html


LVL 35

Author Comment

by:Joseph Daly
ID: 39517951
Thanks guys. I was using the technet article as the guide and I guess doing all of the steps even if we arent planning on using RODC does make sense.

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
You have missed a phone call. The number looks like it belongs to the bunch of numbers which your company uses. How to find out who has just called you?
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

619 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question