Join Server 2012 to 2003 domain

I have a 2003 domain that has been running for years--no real issues. Recently started thinking of replacing the 2003 Enterprise Edition with Server 2012 Standard Edition. Installed 2012 as a VM on Hyper-V 2012, which also hosts the 2003 enterprise as a VM. Did all the 2012's updates and then added the AD role (rebooted) +and tried to join it to the 2003 domain--fails. Please see attached file/pictures for details 1) 2003 "functional domain level" is set to 2003 (highest possible for 2003) 2) On the 2012 server in server manager I can click on the "promote this server to a domain controller", add the required credentials, it finds the existing domain but then errors out 3) the error is "verification of replica failed, the forest functional level is 2000, to install 2012 the functional domain level must be 2003 or higher (but it is 2003). 4) ran dcdiag on 2003 server and all tests passed. Tried several suggestions from online searches (removed DNS on 2003, rebooted and reinstalled it) and none are working. Help please-thanks.
LVL 26
Lionel MMSmall Business IT ConsultantAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
your domain functional level is 2003 but your forest functional level is 2000
that will block the 2012 server from being a domain controller

on the 2003 server, open AD domains and trusts, then right-click on AD domains and trusts and select raise forest functional level

change it to 2003 then promote the 2012 server

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Will SzymkowskiSenior Solution ArchitectCommented:
Have you tested replication? When you update your Domain or Forst this has to replicate to all DC's.

I would recommend running the following commands...
- repadmin /replsum
- repadmin /showrepl
- repadmin /bridgeheads

Also run
netdom query fsmo

You can also use Powershell to get the Forest and Domain Functional Level
Get-ADForest | fl
Get-ADDomain | fl

Lionel MMSmall Business IT ConsultantAuthor Commented:
Seth, thanks for the quick response--I did that and I was able to get a bit further with the process but then I got this error
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Lionel MMSmall Business IT ConsultantAuthor Commented:
Will I have only the one server with AD, one DC and when I run repadmin /replsum it says no such exists for repadmin and search for it on the 2003 server finds nothing

P.S. The goal is to replace the current 2003 with this 2012 after a few weeks.
Will SzymkowskiSenior Solution ArchitectCommented:
Ahh, ok if you only have 1 server then no need to run the repadmin commands.

However what i would do is make sure that your Forest/Domain preps actually updated properly. You need to verify this using ADSIEdit.msc

Use the link below which outlines how to check this using ADSIEdit.msc

Look for verify that adprep /forestprep completed successfully and verify that adprep /domainprep completed successfully

Seth SimmonsSr. Systems AdministratorCommented:
...but then I got this error

it's not an error it's a warning (error red, warning yellow)
it only states that the 2012 server you are working on can't be a read-only domain controller because there are currently no 2008 domain controllers
you can ignore it
Lionel MMSmall Business IT ConsultantAuthor Commented:
Thanks Seth -- I figured that out but wasn't sure (did a snapshot just in case) and I got to the last step (install) -- it was looking good, but it finished with two additional warning one about NT 40 cryptography (rebooted before I could get the rest of what it said) and other said
"A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "HFI.local". Otherwise, no action is required."
It then self-rebooted but it still shows the initial wizard to add this server to an existing domain (the wizard I just ran through).
Will SzymkowskiSenior Solution ArchitectCommented:
Both of these warnings can be ignored. You can continue to Install/promote this server as a DC. When it has rebooted make sure that DNS is pointing to itself and the other DC as a secondary.

Lionel MMSmall Business IT ConsultantAuthor Commented:
Thanks for the quick response
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.