Jump to content

Adding a 2008 r2 DC to a 2003 Domain


Recommended Posts

Greets, technophiles.

i no that this topic is not for everyone, but i've seen some seriously deep dns and domain related questions here...

sooo, with that in mind (so to speak) here's some stuff in one place that i've not seen in one place on

preparatory work before adding a 2008 r2 server as a domain controller

to a server 2003 domain controller environment.


(1)(a) you need to know which domain controller (DC) has the fsmo (schema master) - http://support.microsoft.com/kb/324801

run cmd as administrator

regsvr32 schmmgt.dll


start, run, mmc

file, add snap in

active directory schema

the name of the server will be to the right of "active directory schema" in the title bar and in the menu on the left.


don't screw around here. you can destroy your domain.


(1)(b ) you need to know which DC has the Infrastructure Operations Master role

start, administrative tools, active directory users and pooters

right click the domain name

operations masters

infrastructure tab

voila, the server name you seek!


(2) you need to run adprep twice -

If your existing server is 32bit, run adprep32, not adprep

If you run adprep on a 32bit machine, you will get this error message

The image file D:\adprep\adprep.exe is valid, but is for a machine type

other than the current machine.

adprep.exe is on the Server 2008 r2 install disk in [drive letter:]\support\adprep


(2)(a) Log on to the server that you found in (1)(a) the fsmo (schema master)

as someone that is a member of both the "Enterprise Admins Group" and "Schema Admins Group"


(2)( b )Run this command on the server that holds the schema master operations master (also known as flexible single master operations or FSMO) role.

	adprep /forestprep 

note: this will run for a long time (15 to 20 min)

when "the command has completed successfully" is displayed - it is >not< done!

about 50 rows of dots (............) appear, 1 at a time, that's a lot of dots...

when "adprep successfully updated the forest-wide information." is displayed

and, you are returned to the command prompt,

then the command has completed.


(2)( c )Log on to the server that you found in (1)( b ) the Infrastructure Operations Master

as someone that is a member of both the "Enterprise Admins Group" and "Schema Admins Group"


(2)(d) Then run this command on the server that holds the infrastructure operations master role.

 adprep /domainprep /gpprep  

note: you should see these lines, and be returned to the command prompt (runs very quickly)

Running domainprep ...

Adprep successfully updated the domain-wide information.

Adprep successfully updated the Group Policy Object (GPO) information.


(3) Make sure replication is running well in your domain. run this command

(this domain has only 2 DCs.)

repadmin /replsum /bysrc /bydest /sort:delta  

Note: You should see something like this, with 0 errors, if errors, fix it now

repadmin /replsum /bysrc /bydest /sort:delta

Replication Summary Start Time: 2012-06-19 20:17:38


Beginning data collection for replication summary, this may take awhile:



Source DC largest delta fails/total %% error

SERVER 01h:21m:17s 0 / 5 0

TAHITI 46m:12s 0 / 5 0


Destination DC largest delta fails/total %% error

TAHITI 01h:21m:17s 0 / 5 0

SERVER 46m:12s 0 / 5 0

(4) Fix you physical network adapter's ip configuration

Set all network adapters to static ip addresses for both ipv4 and ipv6

if you do not run ipv6 yet, unselect it from the network adapter properties

if you do not want to use all your physical adapters,

unselect ipv4 and ipv6 on that (those) adapters

Failing to do so will give you an error when you run dcpromo, which you can elect to bypass, but not a good idea


(5) add the server to your domain

r click "computer"


in the "computer name, domain, and workgroup settings" area, click "change settings"

computer name tab

"to rename this..." click the "change button"

under "member of"

select "domain"

type in the name of the domain, authenticate as a domain admin, restart the server


and while not part of prepartory work,

when you are ready to promote the 2008 r2 server to become a domain controller

start, run, dcpromo

that will open a gui that steps you through the process.

(careful you don't create a new forest or domain if that is not your intention...)


edited to get rid of the auto-"fixes": (B) for ( b ) and © for ( c )

Edited by Temmu
Link to comment
Share on other sites


how many users?

how many pcs in your existing domain?

how many other servers?


because win nt4 is so radically different than 2003 (am skipping win server 2000 on purpose)

take an nt4 bdc, make it a pdc and upgrade it to server 2003

here's a guide by microsoft for such a task http://www.microsoft.com/en-us/download/details.aspx?id=2479


from there, create a new 2008 r2 server and (if you like) follow my guide


let us know!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...