Link to home
Start Free TrialLog in
Avatar of ozzalot
ozzalotFlag for United States of America

asked on

Server 2008 R2 Domain Controller

Environment: 2 Windows Server 2008 non R2 domain controllers.  Domain Functional Level is at 2003. The old 2003 Domain Controller is gone, but I need can't raise the domain functional level just yet.

Problem:  I'm adding trying to add a new Server 2008 R2 Domain Controller.  When doing DCpromo I get promoted to run "adprep /forestprep".  After doing some research on this I know i have to do this on the schema master.  Some posts say to remove the 2003 server but it no longer exists.  I just want make sure I have everything in check before i run this on production servers.  Also will this cause any changes?

THanks.
SOLUTION
Avatar of FOX
FOX
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ozzalot

ASKER

This server i am adding will be the first 2008 R2 server.  I'm just always a little cautious when working with AD.
Nothing to worry about here buddy.  Why didn't you add a 2012r2 domain controller...just go all out :)
Avatar of ozzalot

ASKER

Personally I would love too so I can get experience with it, corporate is limiting me to 2008R2.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ozzalot

ASKER

One last stupid question and stupid because i think i answered during my question.  I only run adprep on the schema master correct?  I have another domain controller, but i don't need to run adprep on the second domain controller correct?
Avatar of ozzalot

ASKER

Hmm now this new server is asking me to run "adprep /domainprep"  Correct me if i'm wrong but this is done on the primary domain controller correct?
You don't have to run it on the schema master.  When you are doing the install of the 2008r2 it will prompt you for the ad and forest preps.  It goes out and updates forest and domain wide from right there.  I assume you have domain admin rights.
No question is a stupid question in the world we work in.
Let it rip!!, pull the trigger!!!  Nothing to worry about buddy.  It will update with  the ad/domain prep from right there.
The Forest and Domain Functional levels simply state what point your DC can use AD features from - for example, if you wanted to use the Active Directory Recycle Bin, you'd have to upgrade the levels... if you're happy and content with the features you have now, you don't need to raise the levels.

The Schema though is a different story - it's basically your AD Database and even if you don't use the new fields (from upgrading the functional levels), they have to be there so the newer DCs don't have issues trying to reference something.  ADPREP updates the schema and a few other things to ensure all is ready.  

adprep /forestprep must be run on the schema master for the entire forest
adprep /domainprep must be run on the infrastructure master for the domain.

More information you should probably read can be found here:
Running Adprep.exe
https://technet.microsoft.com/en-us/library/dd464018%28v=ws.10%29.aspx
Avatar of ozzalot

ASKER

LOL I'm not that trigger happy.

Ok so adprep is done and now i'm working on prompting this server into a domain controller. I can't install DNS just the Global Catalog.  The message reads: "DNS cannot be installed on this domain controller because this domain does not host DNS"

Our two current domain controllers are running DNS.  Should I just ignore this and install DNS after dcpromo?
DCPROMO automatically installs DNS - leave it alone.
Avatar of ozzalot

ASKER

Lee,

Check box for install DNS is greyed out.  Usually I can check DNS and Global catalog and install both these services during DCPROMO.
Avatar of ozzalot

ASKER

Here is what I'm seeing.
2015-10-29_113610.jpg
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Mark I believe he originally stated he got rid of the 2003 dc.
True and my bad, id still like to see the output of these commands before doing anything, this is Microsoft recommended actually.

Additionally is this enviroment virtual or physical?
Again before considering doing anything we need backups.
Avatar of ozzalot

ASKER

I ran DCDIAG and it passed all tests.  I can post result if needed but all tests passed with no errors.  NetDiag was a no go.  According to Technet NetDiag only applies to Server 2003 and 2012.  Command prompt doesn't recognize it. I also ran repadmin /replsummary and it passed (0 fails).  

I've just made a back up of both Sever 2008 non R2 domain controllers for just in case.  Any advice?  I saw Microsoft's recommendation of continuing with DCPROMO because it reports its a bug, but like i mentioned before I'm always really cautious messing with AD since I'm working on production servers.
Continue on.
gonna let foxluv close this one off as im not a solution stealer, he needs dem points too ;).
glad to see your dcdiag passed mate, backups good job :).

raise up that functional level !
Avatar of ozzalot

ASKER

Sorry i out of Friday.

Foxluv and Mark,  Thanks for your help. I was able to get the 2008 R2 DC up and running on Thursday night and it is running AD and DNS.  Thanks again for your help!!!