After months and months of complaining about the state of the hardware in our servers, they’ve finally got around to approving new servers (bit by bit). One of the first servers I wanted to upgrade was our domain controllers. One of them has a BIOS issue that HP won’t fix (but acknowledge exists) and the other is having drive issues. The servers are both so old that:
- It’s impossible to get drives for the servers without selling your family, and your soul to the devil.
- HP doesn’t support them any more.
So after finally getting approval for a new server, we got a nice shiney Dell ordered. PowerEdge 1850, mid-range, Windows 2003 R2. Our supplier is pretty good, they realized that purchasing a volume license for Windows is cheaper than purchasing a single license. And as we deal with a lot of servers, volume licensing certainly comes in handy.
So the server arrives, and while I’m waiting for it to build, I look into the promotion of the server to a domain controller. I’m researching this not because I don’t know how to run dcpromo but because Windows 2003 brings a whole lot more to Active Directory. This ultimately requires various updates to the AD environment. So after some reading about, Microsoft has a “guide” on how to do it in KB325379. Now the article is titled “How to upgrade Windows 2000 domain controllers to Windows Server 2003”, however the steps are identical all the way up to the point of actually upgrading Windows 2000 to Windows 2003.
The basic steps are:
- Make sure you have the latest patches on all domain controllers
- Make sure you are a Schema Admin
- Make sure you are an Enterprise Admin
- Run
dcpromo /forestprepfrom the schema operation master (FSMO) - Run
dcpromo /domainprepfrom the infrastructure operations master domain controller on each of the domains.
Okay, well windows updates is not an issue, we use WSUS here, so I can keep a close eye on updates. Logging onto the FSMO (which also happens to be the infrastructure operations master too as we only have one domain in a single forest running on 2 domain controllers), I then ran the 2 commands above. Both reported that they an successfully, and there was no errors in the log files. I did that Friday of last week. I even verified they ran correctly by looking at two keys that should have been created (details are in KB325379).
Yesterday was an incredibly busy day (video conferencing system being installed), so I didn’t get a chance to finish doing the promotion, but I had planned on giving the domain a day or so to propergate the new changes. So this morning I jumped on the new server, and executed dcpromo, it pauses and thinks for a bit, and it barfs back this error:
The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain. For more information about using the Adprep, see Active Directory Help. The version of the Active Directory schema of the source forest is not compatible with the version of Active Directory on this computer.
Hrmm… Weird, I have run the adprep commands and the likes, and I’m still getting this error? Good old google… I did a search for the error, and stumbled across these two articles…
The first one details the exact error message, including the errors in the dcpromo.log (which is located in drive:\Windows\debug folder). However the details in the article aren’t very handy as they just tell you to run the adprep commands.
The second article was right on the money. Because we’re using R2, there is a second CD, which has additional files included that also need to be added (something that is missing from KB325379).
Drive:\CMPNENTS\R2\ADPREP\adprep.exe /forestprep
This executes an additional update. Just for the sake of it, I also executed adprep /domainprep but was informed that all the updates had been done.
I left the server for a little bit, and forced replication between the domain controllers. After a while (about an hour or so, I had other things to tend to), I reissued dcpromo on our new server. Some more twiddling of fingers, and a few moments later, it started to download all the domain settings, and updates…
Weee