Announcement

Collapse
No announcement yet.

Schema Changes in AD for 2003 R2 64 bit Domain Controller

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Schema Changes in AD for 2003 R2 64 bit Domain Controller

    Hello,

    We're trying to deploy our first 2003 R2 64 bit Domain Controller into our current environment which only consists of 2003 32 bit Domain Controllers(3 of them). Our plan is to retire our oldest domain controller which contains all 5 FSMO roles and replace it with the 2003 R2 64 bit DC.

    My questions is what are the step necessary to introduce our first 2003 R2 64 bit DC into our environment. I know that I have to make changes to the schema. From what I gather so far I have to run ADPrep /forestprep on the schema master and ADPrep /domainprep on the infrastructure master, which in my case is only one server. Now do I have to run the ADPrep tool from the 2nd CD in 2003 R2 on our domain controller that holds the FSMO roles? Also do I run the 32 bit version of the ADPrep tool from the 2nd CD in 2003 R2? Or is there a better way to do this? Will promoting our 2003 R2 64 bit server to a DC then transfer the schema master role to it, then run the 64 bit version of ADPrep on it have better results?

    Also what do I have to do before making these changes to AD in the event I want to revert back? Do I just back up the system state from the DC that holds the FSMO roles using ntbackup utility?

    Thanks for help in advance

  • #2
    Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

    Hi,

    You are right. The only thing you have to do is: Run ADPREP /FORESTPREP from 2nd CD of R2. You need to run 32 bit version.

    Note: Although possiblities are very very less but remember, You can not do a authoritative restore for Schema rollback. So the better option is to first take "Schema master" offline and take system state then run ADPREP /FORESTPREP during offline so that if something goes wrong you can simply restore system state on the "Schema master" and plug it back.

    More queries are welcome.........

    Regards,
    Kapil Sharma
    ~~~~~~~~~~~~~
    Life is too short, Enjoy It.

    Comment


    • #3
      Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

      One more thing:

      This should have been posted in "Active Directory" section.

      Regards,
      Kapil Sharma
      ~~~~~~~~~~~~~
      Life is too short, Enjoy It.

      Comment


      • #4
        Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

        Thanks Kapilsharma11,

        Since I have to take the DC that holds the "schema master" role offline, where do I run the ADPrep /forestprep and ADPrep /domainprep from? Do I run that command from any of the other 2 DC's? Or is the better option to bring up the 64 bit system up and run the ADPrep /forestprep and ADPrep /domainprep from there?

        To force replication from each DC I do that with in the active directory sites and services MMC correct?

        Finally just to clarify my backing up of the system state, for best practices its better to take the system state of DC that holds the FSMO roles, then shut it down then proceed with the schema changes.

        sorry about posting this here,is it to late to move it?

        Thanks

        Comment


        • #5
          Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

          Small addition - if you disconnect the schema master, run forestprep on it and something goes wrong, there is no need to restore the schema master from the system state - you can just seize the role to another DC in the forest.

          1) Disconnect schema master from the network
          2) run forestprep on schema master using 2nd CD of W2K3 R2 32bit
          3) inspect logs and make sure the schema extension went ok

          If something went wrong, seize the FSMO roles to another DC in the forest.

          4) connect the schema master back and let it replicate the schema changes
          5) disconnect the DC with IM role (same DC with all 5 FSMO roles)
          6) run domainprep on it
          7) check logs, etc...

          If something went wrong, seize the FSMO roles to another DC in the forest.

          connect it back.
          Guy Teverovsky
          "Smith & Wesson - the original point and click interface"

          Comment


          • #6
            Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

            Thanks Guyt.

            Those steps are what I was looking for. After all the above steps are done. I then have to bring up theh 64bit machine and make it a DC. Once its a DC I then transfers the FSMO roles to it correct?

            Comment


            • #7
              Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

              Yep. After the schema is at R2 level, you can promote your 64bit R2 box to a DC/GC and transfer the roles.
              Guy Teverovsky
              "Smith & Wesson - the original point and click interface"

              Comment


              • #8
                Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

                Originally posted by guyt View Post
                Yep. After the schema is at R2 level, you can promote your 64bit R2 box to a DC/GC and transfer the roles.
                Once last question. What kind of errors or confirmations should I look for in the logs or AD to confirm things went well or bad after running the prep commands?

                Thanks

                Comment


                • #9
                  Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

                  to use the 32 bit version of adprep im going to need a windows 2003 R2 cd correct not te 64bit?

                  Comment


                  • #10
                    Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

                    Hi,

                    You can check the version of schema on each DC:

                    Use Registry Editor (Regedt32.exe) to view the following key:
                    HKey_Local_Machine\system\CurrentControlSet\servic es\NTDS\Parameters

                    The last parameter is the schema version number.

                    Double-click the value to convert it to decimal.

                    Regards,
                    Kapil Sharma
                    ~~~~~~~~~~~~~
                    Life is too short, Enjoy It.

                    Comment


                    • #11
                      Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

                      Schema version for R2 is 31.

                      One more way to check the same is using ADSIEDIT.MSC as given in below article:

                      http://technet2.microsoft.com/window....mspx?mfr=true

                      You need to run x-86 version of ADprep fron 32 bit CD. Refer the same article for this.

                      Regards,
                      Kapil Sharma
                      ~~~~~~~~~~~~~
                      Life is too short, Enjoy It.

                      Comment


                      • #12
                        Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

                        Thank you both for all your help.

                        I'm planning on doing this tonight. I have all the information I need, thanks to both of you.

                        Comment


                        • #13
                          Re: Schema Changes in AD for 2003 R2 64 bit Domain Controller

                          Always glad to help........

                          Regards,
                          Kapil Sharma
                          ~~~~~~~~~~~~~
                          Life is too short, Enjoy It.

                          Comment

                          Working...
                          X