Errors running adprep32 /forstprep on Server 2003

• יום שני 14 פברואר 2011 16:46

   

   
  

  0

  We have a member server that is Server 2008 R2 Enterprise.   We want to promote it to a DC so we have attempted to run adprep32 on the 2003 DC that is holding the FSMO roles.  We keep getting errors.

  We have a forest with a single domain.  There are two domain controllers running Server 2003 Enterprise Edition with SP2.  Once server started to show signs its raid failing so we quickly brought its replacement online to run file services.  The replacement is Windows Server 2008 R2 Enterprise, it is the one we want to promote to a DC.

  Here is the log file from the server we are running adprep on:

  [2011/02/14:09:59:18.281]
  Adprep created the log file ADPrep.log under C:\WINDOWS\debug\adprep\logs\20110214095918 directory.
  [2011/02/14:09:59:18.703]
  Adprep copied file Z:\SUPPORT\ADPREP\schema.ini from installation point to local machine under directory C:\WINDOWS.
  [2011/02/14:09:59:18.750]
  Adprep copied file Z:\SUPPORT\ADPREP\schupgrade.cat from installation point to local machine under directory C:\WINDOWS\system32.
  [2011/02/14:09:59:18.828]
  Adprep copied file Z:\SUPPORT\ADPREP\PAS.ldf from installation point to local machine under directory C:\WINDOWS\system32.
  [2011/02/14:09:59:21.500]
  Adprep copied file Z:\SUPPORT\ADPREP\dcpromo.csv from installation point to local machine under directory C:\WINDOWS\debug\adprep\data.
  [2011/02/14:09:59:21.500]
  Adprep successfully made the LDAP connection to the local Active Directory Domain Controller ISD911BACKUP.
  [2011/02/14:09:59:21.500]
  Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is (null).
  [2011/02/14:09:59:21.500]
  LDAP API ldap_search_s() finished, return code is 0x0
  [2011/02/14:09:59:21.500]
  Adprep successfully retrieved information from the local Active Directory Domain Services.
  [2011/02/14:09:59:21.515]
  Adprep successfully initialized global variables.
  
  [Status/Consequence]
  
  Adprep is continuing.
  [2011/02/14:09:59:21.515]
  
  
  ADPREP WARNING:
  
  
  
  Before running adprep, all Windows 2000 Active Directory Domain Controllers in the forest should be upgraded to Windows 2000 Service Pack 4 (SP4) or later.
  
  
  
  [User Action]
  
  If ALL your existing Windows 2000 Active Directory Domain Controllers meet this requirement, type C and then press ENTER to continue. Otherwise, type any other key and press ENTER to quit.
  [2011/02/14:09:59:25.843]
  Adprep set the value of registry key System\CurrentControlSet\Services\NTDS\Parameters\Schema Update Allowed to 1
  [2011/02/14:09:59:25.843]
  Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is cn=27a03717-5963-48fc-ba6f-69faa33e70ed,cn=Operations,cn=ForestUpdates,CN=Configuration,DC=cambridge,DC=k12,DC=mn,DC=us.
  [2011/02/14:09:59:25.843]
  LDAP API ldap_search_s() finished, return code is 0x20
  [2011/02/14:09:59:25.843]
  Adprep verified the state of operation cn=27a03717-5963-48fc-ba6f-69faa33e70ed,cn=Operations,cn=ForestUpdates,CN=Configuration,DC=cambridge,DC=k12,DC=mn,DC=us.
  
  [Status/Consequence]
  
  The operation has not run or is not currently running. It will be run next.
  [2011/02/14:09:59:25.843]
  Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is (null).
  [2011/02/14:09:59:25.843]
  LDAP API ldap_search_s() finished, return code is 0x0
  [2011/02/14:09:59:26.046]
  Adprep was unable to upgrade the schema on the schema master.
  
  [Status/Consequence]
  
  The schema will not be restored to its original state.
  
  [User Action]
  
  Check the Ldif.err log file in the (null) directory for detailed information.
  [2011/02/14:09:59:26.046]
  Adprep encountered a Win32 error.
  
  Error code: 0x202b Error message: A referral was returned from the server..
  [2011/02/14:09:59:26.062]
  Adprep set the value of registry key System\CurrentControlSet\Services\NTDS\Parameters\Schema Update Allowed to 1
  [2011/02/14:09:59:26.062]
  Adprep was unable to update forest information.
  
  [Status/Consequence]
  
  Adprep requires access to existing forest-wide information from the schema master in order to complete this operation.
  
  [User Action]
  
  Check the log file, ADPrep.log, in the C:\WINDOWS\debug\adprep\logs\20110214095918 directory for more information.

  This is the ldif.log file:

  Connecting to "isd911main.cambridge.k12.mn.us"
  
  Logging in as current user using SSPI
  
  Importing directory from file "C:\WINDOWS\system32\PAS.ldf"
  
  Loading entries
  1: CN=ms-DS-HAB-Seniority-Index,CN=Schema,CN=Configuration,DC=cambridge,DC=k12,DC=mn,DC=us
  Entry DN: CN=ms-DS-HAB-Seniority-Index,CN=Schema,CN=Configuration,DC=cambridge,DC=k12,DC=mn,DC=us
  Add error on line 4: Referral
  
  The server side error is "A referral was returned from the server."
  
  0 entries modified successfully.
  
  An error has occurred in the program
  
  Finally, here is the a wordpad verson of the PAS.ldf file that seems to be generating the error:

  # Fix the isMemberOfPartialAttributeSet for Windows Server 2007 schema.
  # Should only run when the current forest functionality level is 1 or greater.
  
  dn: CN=ms-DS-HAB-Seniority-Index,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-DS-Phonetic-Last-Name,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-DS-Phonetic-First-Name,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-DS-Phonetic-Department,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-DS-Phonetic-Display-Name,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-FVE-VolumeGuid,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-FVE-RecoveryGuid,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=Last-Logon-Timestamp,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: TRUE
  -
  
  dn: CN=ms-PKI-DPAPIMasterKeys,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: FALSE
  -
  
  dn: CN=ms-PKI-AccountCredentials,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: FALSE
  -
  
  dn: CN=ms-PKI-RoamingTimeStamp,CN=Schema,CN=Configuration,DC=X
  changetype: ntdsSchemaModify
  replace: isMemberOfPartialAttributeSet
  isMemberOfPartialAttributeSet: FALSE
  -
  
  dn:
  changetype: ntdsSchemaModify
  add: schemaUpdateNow
  schemaUpdateNow: 1
  -
   
  I have scanned these files and forums for hours without a solution...any help would be greatly appreciated.
  

  • נערך על-ידי HelicopterMcBill יום שני 14 פברואר 2011 16:49 Clarify where log files begin
  •  
  • תגובה
  • ציטוט