5 replies to this topic

[Temmu]

Greets, technophiles.
i no that this topic is not for everyone, but i've seen some seriously deep dns and domain related questions here...
sooo, with that in mind (so to speak) here's some stuff in one place that i've not seen in one place on
preparatory work before adding a 2008 r2 server as a domain controller
to a server 2003 domain controller environment.
  
(1)(a) you need to know which domain controller (DC) has the fsmo (schema master) - http://support.microsoft.com/kb/324801
run cmd as administrator
regsvr32 schmmgt.dll
ok
start, run, mmc
file, add snap in
active directory schema
the name of the server will be to the right of "active directory schema" in the title bar and in the menu on the left.
ps
don't screw around here. you can destroy your domain.

(1)(b ) you need to know which DC has the Infrastructure Operations Master role
start, administrative tools, active directory users and pooters
right click the domain name
operations masters
infrastructure tab
voila, the server name you seek!

(2) you need to run adprep twice -
If your existing server is 32bit, run adprep32, not adprep
If you run adprep on a 32bit machine, you will get this error message
The image file D:\adprep\adprep.exe is valid, but is for a machine type
other than the current machine.
adprep.exe is on the Server 2008 r2 install disk in [drive letter:]\support\adprep

(2)(a) Log on to the server that you found in (1)(a) the fsmo (schema master)
as someone that is a member of both the "Enterprise Admins Group" and "Schema Admins Group"

(2)( b )Run this command on the server that holds the schema master operations master (also known as flexible single master operations or FSMO) role.

	adprep /forestprep 

  
note: this will run for a long time (15 to 20 min)
when "the command has completed successfully" is displayed - it is >not< done!
about 50 rows of dots (............) appear, 1 at a time, that's a lot of dots...
when "adprep successfully updated the forest-wide information." is displayed
and, you are returned to the command prompt,
then the command has completed.

(2)( c )Log on to the server that you found in (1)( b ) the Infrastructure Operations Master
as someone that is a member of both the "Enterprise Admins Group" and "Schema Admins Group"

(2)(d) Then run this command on the server that holds the infrastructure operations master role.
  

 adprep /domainprep /gpprep  

note: you should see these lines, and be returned to the command prompt (runs very quickly)
Running domainprep ...
Adprep successfully updated the domain-wide information.
Adprep successfully updated the Group Policy Object (GPO) information.

(3) Make sure replication is running well in your domain. run this command
(this domain has only 2 DCs.)

repadmin /replsum /bysrc /bydest /sort:delta  

  
Note: You should see something like this, with 0 errors, if errors, fix it now
   repadmin /replsum /bysrc /bydest /sort:delta
Replication Summary Start Time: 2012-06-19 20:17:38
  
Beginning data collection for replication summary, this may take awhile:
  .....
  
Source DC    largest delta  fails/total  %%  error
SERVER 01h:21m:17s 0 /   5 0
TAHITI 46m:12s 0 /   5 0
  
Destination DC largest delta fails/total  %%  error
TAHITI 01h:21m:17s 0 /   5 0
SERVER 46m:12s 0 /   5 0
(4) Fix you physical network adapter's ip configuration
Set all network adapters to static ip addresses for both ipv4 and ipv6
if you do not run ipv6 yet, unselect it from the network adapter properties  
if you do not want to use all your physical adapters,
unselect ipv4 and ipv6 on that (those) adapters  
Failing to do so will give you an error when you run dcpromo, which you can elect to bypass, but not a good idea

(5) add the server to your domain
r click "computer"
properties
in the "computer name, domain, and workgroup settings" area, click "change settings"
computer name tab
"to rename this..." click the "change button"
under "member of"
select "domain"
type in the name of the domain, authenticate as a domain admin, restart the server

and while not part of prepartory work,
when you are ready to promote the 2008 r2 server to become a domain controller
start, run, dcpromo
that will open a gui that steps you through the process.
(careful you don't create a new forest or domain if that is not your intention...)

edited to get rid of the auto-"fixes": ( for ( b ) and © for ( c )

Edited by Temmu, 19 June 2012 - 11:16 PM.

[LilBambi]

Good one Temmu! Thanks for posting it!

[Temmu]

again, lilbambi, you are too kind.

[crp]

at work, I am now looking at going from NT4 => 2008R2 domain controller

[ross549]

That's a huge upgrade. I hope it will not be too painful.

Adam

[Temmu]

crp,
how many users?
how many pcs in your existing domain?
how many other servers?

because win nt4 is so radically different than 2003 (am skipping win server 2000 on purpose)
take an nt4 bdc, make it a pdc and upgrade it to server 2003
here's a guide by microsoft for such a task http://www.microsoft...ls.aspx?id=2479

from there, create a new 2008 r2 server and (if you like) follow my guide

let us know!