Recipe15.4.Upgrading from Windows 2000 to Windows Server 2003

Previous page
Table of content
Next page

Recipe 15.4. Upgrading from Windows 2000 to Windows Server 2003

Problem

You want to upgrade your existing Windows 2000 Active Directory domain controllers to Windows Server 2003. Before doing this, you must run the ADPrep tool, which extends the schema and adds several objects in Active Directory that are necessary for new features and enhancements.

Solution

First, run the following command on the Schema FSMO domain controller with the credentials of an account that is in both the Enterprise Admins and Schema Admins groups:

> adprep /forestprep

After the updates from /forestprep have replicated throughout the forest, run the following command on the Infrastructure FSMO domain controller in each domain with the credentials of an account in the Domain Admins group:

> adprep /domainprep

If the updates from /forestprep have not replicated to at least the Infrastructure FSMO servers in each domain, an error will be returned when running /domainprep. To debug any problems you encounter, see the ADPrep log files located at %SystemRoot%\System32\Debug\Adprep\Logs.

adprep can be found in the \i386 directory on the Windows Server 2003 CD. The tool relies on several files in that directory, so you cannot simply copy that file out to a server and run it. You must run it either from a CD or from a location where the entire directory has been copied.


To determine if adprep /domainprep completed, check for the existence of the following object, where <DomainDN> is the distinguished name of the domain:

cn=Windows2003Update,cn=DomainUpdates,cn=System,<DomainDN>

To determine if adprep /forestprep completed, check for the existence of the following object, where <ForestRootDN> is the distinguished name of the forest root domain:

cn=Windows2003Update,cn=ForestUpdates,cn=Configuration,<ForestRootDN>

Discussion

The adprep command prepares a Windows 2000 forest and domains for Windows Server 2003. Both /forestprep and /domainprep must be run before you can upgrade any domain controllers to Windows Server 2003 or install new Windows Server 2003 domain controllers.

The adprep command serves a similar function to the Exchange 2000 setup /forestprep and /domainprep commands, which prepare an Active Directory forest and domains for Exchange 2000. The adprep /forestprep command extends the schema and modifies some default security descriptors, which is why it must run on the Schema FSMO domain controller and under the credentials of someone in both the Schema Admins and Enterprise Admins groups. In addition, the adprep /forestprep and /domainprep commands add new objects throughout the forest, many of which are necessary for new features supported in Windows Server 2003 Active Directory.

If you've installed Exchange 2000 or Services For Unix 2.0 in your forest prior to running adprep, there are schema conflicts with the adprep schema extensions that you'll need to fix first. MS KB 325379 and 314649 have a detailed list of compatibility issues and resolutions.

One of the nice features of adprep is it stores its progress in Active Directory. For /domainprep, a container with a distinguished name of cn=DomainUpdates,cn=Sys-tem,<DomainDN> is created that has child object containers cn=Operations and cn=Windows2003Update. After adprep completes a task, such as extending the schema, it creates an object under the cn=Operations container to signify its completion. Each object has a GUID for its name, which represents some internal operation for adprep. For /domainprep, 52 of these objects are created. After all of the operations have completed successfully, the cn=Windows2003Update object is created to indicate /domainprep has completed. Figure 15-1 shows an example of the container structure created by /domainprep.

Figure 15-1. DomainPrep containers


For /forestprep, a container with the distinguished name of cn=ForestUp-dates,cn=Configuration,<ForestRootDN> is created with child object containers cn=Operations and cn=Windows2003Update. The same principles apply as for /domainprep except that there are 36 operation objects stored within the cn=Operations container. After /forestprep completes, the cn=Windows2003Update object will be created that marks the successful completion of /forestprep. Figure 15-2 shows an example of the container structure created by /forestprep.

Figure 15-2. ForestPrep containers


See Also

Chapter 14 of Active Directory (O'Reilly), MS KB 331161 (List of Fixes to Use on Windows 2000 Domain Controllers Before You Run the Adprep/Forestprep Command), MS KB 314649 (Windows Server 2003 ADPREP Command Causes Mangled Attributes in Windows 2000 Forests That Contain Exchange 2000 Servers), and MS KB 325379 (How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003)


Previous page
Table of content
Next page
Windows Server Cookbook
Windows Server Cookbook for Windows Server 2003 and Windows 2000
ISBN: 0596006330
EAN: 2147483647
Year: 2006
Pages: 380
Authors: Robbie Allen
BUY ON AMAZON
Lotus Notes and Domino 6 Development (2nd Edition)
Software Configuration Management
VBScript Programmers Reference
The CISSP and CAP Prep Guide: Platinum Edition
GO! with Microsoft Office 2003 Brief (2nd Edition)
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy