Announcement

Collapse
No announcement yet.

Upgrading Schema from Server 2003 to Sever 2008R2

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Upgrading Schema from Server 2003 to Sever 2008R2

    I currently have two Server 2003 DCs, which are going to be retired and replaced with two new Server 2008R2 DCs. I will start by adding one additional Server 2008R2 DC, and then add the other one a couple of weeks later.

    The organization where I'm going to perform this upgrade, has a few applications that might have added objects to the schema, but I am not sure.
    Is there any way I can check which updates have been added to the schema since the AD forest was first created? I want to verify if there have been made any changes or not, before I run Adprep, because if there have been made changes, I will have to shutdown the non Schema master DC before running Adprep.

  • #2
    Re: Upgrading Schema from Server 2003 to Sever 2008R2

    Not clear why you need to do this as the schema update is non-destructive and does not affect operations of older DCs until you actually raise the domain functional level.

    I have never had to worry about extending a schema, either for Exchange or for an AD upgrade.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Upgrading Schema from Server 2003 to Sever 2008R2

      I know what you mean. I have never had any problems extending the schema before either. And in 99% of the cases, Adprep runs just fine.

      But this organization insists that one of the DCs (non schema master) be turned off, in case things might go wrong. Because there have been issues at another branch, and there they had to perform a Forest recovery to rectify the situation.

      I found a PowerShell script, but then I'll have to install .Net 3.51 and Active Directory Management Gateway Service on one of the old DCs, because currently there are no 2008R2 DCs.

      I figure it would be easier to perhaps run a vb script. But have not been able to find one yet.

      Comment


      • #4
        Re: Upgrading Schema from Server 2003 to Sever 2008R2

        OK - corporate decisions beat reality every day

        If all you want to do is check the AD schema version, you can do it in various ways (see http://support.microsoft.com/kb/556086)
        If you need more information from the schema, not sure....

        Maybe you should just airgap the spare DC (no need to turn it off) anyway, do the upgrade, and reconnect the network cable once you are happy, then let replication push out the changes.
        Alternatively, just have good system state backups and be ready for a forest recovery http://technet.microsoft.com/en-us/l...(v=ws.10).aspx

        Could you post a link to your script?
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Upgrading Schema from Server 2003 to Sever 2008R2

          Sure

          http://blogs.technet.com/b/heyscript...owershell.aspx

          Comment


          • #6
            Re: Upgrading Schema from Server 2003 to Sever 2008R2

            I was thinking, do I really need to run a forest recovery. I only have two DCs, DC01 and DC02. So what if I remove the network cable on DC02, that way nothing will be replicated to it.

            Then I perform the upgrade on DC01, and if anything goes wrong, I just turn it off. Then I reconnect the network cable on DC02, seize all FSMO roles to it, and remove all traces after DC01 in the domain.

            After that I can reinstall DC01 and run dcpromo on it, to make it a DC again, but the schema version will be 30 (server 2003) since thats whats on DC02, the single domain controller in the domain.

            I'm a bit unsure on what kind of info is replicated from DCs to other computers though. Does the DCs replicate anything to Exchange servers? Because they have an Exchange 2003 server in the domain as well.

            Comment


            • #7
              Re: Upgrading Schema from Server 2003 to Sever 2008R2

              AD information isn't replicated to non-DC member computers.

              Exchange Server stores much of it's configuration information in AD, but that info is written to AD, it is not stored on or replicated to Exchange. If you make configuration changes to Exchange while DC01 is offline those changes should be written to DC02 without any issue. Just make sure that DC02 is a GC and shows up in the AD properties of the Exchange server as an available DC.

              Comment


              • #8
                Re: Upgrading Schema from Server 2003 to Sever 2008R2

                Your plan sounds good - it is the way I would do it (airgap)

                Alternatively, consider introducing a third (temporary) DC - can be virtual - purely as a "spare" for the migration.

                As joe said, nothing is replicated to non-DCs
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Re: Upgrading Schema from Server 2003 to Sever 2008R2

                  One of the steps I take whenever I update the schema is to disable outbound replication. Much easier and more tolerable than shutting down a DC or airgapping it...

                  Code:
                  repadmin /options %computername% +disable_outbound_repl
                  Rules of life:
                  1. Never do anything that requires thinking after 2:30 PM
                  2. Simplicity is godliness
                  3. Scale with extreme prejudice


                  I occasionally post using a savantphone, so please don't laugh too hard at the typos...

                  Comment

                  Working...
                  X