Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: "Paul Bergson [MVP-DS]" <pbergson@xxxxxxxxxxxxxxxxx>
- Date: Thu, 12 Jul 2007 07:37:09 -0500
I am researching but have found nothing as of yet.
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"Doug B" <DougB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F4FAF754-0141-4DC1-BBE9-6225DA3A3437@xxxxxxxxxxxxxxxx
Yes, I just reran it and here is the log.
==========================================
Domain Controller Diagnosis
Performing initial setup:
* Connecting to directory service on server msXXXXX.
* Collecting site info.
* Identifying all servers.
MSXXXXX.highestCommittedUSN = 490116
MSXXXXX.isSynchronized = 1
MSXXXXX.isGlobalCatalogReady = 1
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
===============================================Printing out pDsInfo
GLOBAL:
ulNumServers=1l
pszRootDomain=XXXXX.com
pszNC=
pszRootDomainFQDN=DC=XXXXX,DC=com
pszConfigNc=CN=Configuration,DC=XXXXX,DC=com
iSiteOptions=0
HomeServer=0, MSXXXXX
SERVER: pServer[0].pszName=MSXXXXX
pServer[0].pszGuidDNSName=acfd1494-5f0c-4cd3-be46-c761fd0672e6._msdcs.XXXXX.com
pServer[0].pszDNSName=msXXXXX.XXXXX.COM
pServer[0].pszDn=CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
pServer[0].pszComputerAccountDn=CN=MSXXXXX,OU=Domain
Controllers,DC=XXXXX,DC=com
pServer[0].uuidObjectGuid=acfd1494-5f0c-4cd3-be46-c761fd0672e6
pServer[0].uuidInvocationId=f04be0aa-4e2b-41dc-a719-86a5a44cb4f2
pServer[0].iSite=0 (Default-First-Site-Name)
pServer[0].iOptions=1
pServer[0].ppszMasterNCs:
ppszMasterNCs[0]=CN=Schema,CN=Configuration,DC=XXXXX,DC=com
ppszMasterNCs[1]=CN=Configuration,DC=XXXXX,DC=com
ppszMasterNCs[2]=DC=XXXXX,DC=com
SITES: pSites[0].pszName=Default-First-Site-Name
pSites[0].pszSiteSettings=CN=NTDS Site
Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
pSites[0].pszISTG=CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
pSites[0].iSiteOption=0
NC: pNCs[0].pszName=Schema
pNCs[0].pszDn=CN=Schema,CN=Configuration,DC=XXXXX,DC=com
NC: pNCs[1].pszName=Configuration
pNCs[1].pszDn=CN=Configuration,DC=XXXXX,DC=com
NC: pNCs[2].pszName=XXXXX
pNCs[2].pszDn=DC=XXXXX,DC=com
1 TARGETS: MSXXXXX,
=============================================Done Printing pDsInfo
Doing initial required tests
Testing server: Default-First-Site-Name\MSXXXXX
Starting test: Connectivity
* Active Directory LDAP Services Check
Failure Analysis: MSXXXXX ... OK.
* Active Directory RPC Services Check
......................... MSXXXXX passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\MSXXXXX
Starting test: Replications
* Replications Check
......................... MSXXXXX passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=XXXXX,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Configuration,DC=XXXXX,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=XXXXX,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... MSXXXXX passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=XXXXX,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Configuration,DC=XXXXX,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=XXXXX,DC=com.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... MSXXXXX passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=XXXXX,DC=com
* Security Permissions Check for
CN=Configuration,DC=XXXXX,DC=com
* Security Permissions Check for
DC=XXXXX,DC=com
......................... MSXXXXX passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... MSXXXXX passed test NetLogons
Starting test: Advertising
The DC MSXXXXX is advertising itself as a DC and having a DS.
The DC MSXXXXX is advertising as an LDAP server
The DC MSXXXXX is advertising as having a writeable directory
The DC MSXXXXX is advertising as a Key Distribution Center
The DC MSXXXXX is advertising as a time server
The DS MSXXXXX is advertising as a GC.
......................... MSXXXXX passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
Role Domain Owner = CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
Role PDC Owner = CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
Role Rid Owner = CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
......................... MSXXXXX passed test KnowsOfRoleHolders
Starting test: RidManager
ridManagerReference = CN=RID Manager$,CN=System,DC=XXXXX,DC=com
* Available RID Pool for the Domain is 2101 to 1073741823
fSMORoleOwner = CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
* msXXXXX.XXXXX.COM is the RID Master
* DsBind with RID Master was successful
rIDSetReferences = CN=RID Set,CN=MSXXXXX,OU=Domain
Controllers,DC=XXXXX,DC=com
* rIDAllocationPool is 1601 to 2100
* rIDNextRID: 1659
* rIDPreviousAllocationPool is 1601 to 2100
......................... MSXXXXX passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/msXXXXX.XXXXX.COM/XXXXX.com
* SPN found :LDAP/msXXXXX.XXXXX.COM
* SPN found :LDAP/MSXXXXX
* SPN found :LDAP/msXXXXX.XXXXX.COM/XXXXX
* SPN found
:LDAP/acfd1494-5f0c-4cd3-be46-c761fd0672e6._msdcs.XXXXX.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/acfd1494-5f0c-4cd3-be46-c761fd0672e6/XXXXX.com
* SPN found :HOST/msXXXXX.XXXXX.COM/XXXXX.com
* SPN found :HOST/msXXXXX.XXXXX.COM
* SPN found :HOST/MSXXXXX
* SPN found :HOST/msXXXXX.XXXXX.COM/XXXXX
* SPN found :GC/msXXXXX.XXXXX.COM/XXXXX.com
......................... MSXXXXX passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [MSXXXXX]
......................... MSXXXXX failed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... MSXXXXX passed test
OutboundSecureChannels
Starting test: ObjectsReplicated
MSXXXXX is in domain DC=XXXXX,DC=com
Checking for CN=MSXXXXX,OU=Domain Controllers,DC=XXXXX,DC=com in
domain DC=XXXXX,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=MSXXXXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=XXXXX,DC=com
in domain CN=Configuration,DC=XXXXX,DC=com on 1 servers
Object is up-to-date on all servers.
......................... MSXXXXX passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The registry lookup failed to determine the state of
the SYSVOL. Using the systems event log instead.
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... MSXXXXX passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minutes.
......................... MSXXXXX passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:22
Event String: Driver Konica 7040/IP-402 PS required for printer
__KONICA7040_Direct is unknown. Contact the
administrator to install the driver before you
log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:22
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:22
Event String: Driver Konica 7040/IP-402 PS required for printer
__konica7040_Hold is unknown. Contact the
administrator to install the driver before you
log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:22
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:23
Event String: Driver Konica 7040/P_KIT PS Ver 2 required for
printer __konica7040_Print is unknown. Contact
the administrator to install the driver before
you log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:23
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:23
Event String: Driver Microsoft Shared Fax Driver required for
printer Fax is unknown. Contact the administrator
to install the driver before you log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:23
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:24
Event String: Driver
Microsoft Office Document Image Writer Driver
required for printer
Microsoft Office Document Image Writer is
unknown. Contact the administrator to install the
driver before you log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:24
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:24
Event String: Driver
Microsoft Office Live Meeting Document Writer Driver
required for printer
Microsoft Office Live Meeting Document Writer is
unknown. Contact the administrator to install the
driver before you log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:24
Event String: The printer could not be installed.
An Error Event occured. EventID: 0x00000457
Time Generated: 07/11/2007 11:54:24
Event String: Driver PDF995 Printer Driver required for printer
PDF995 is unknown. Contact the administrator to
install the driver before you log in again.
An Error Event occured. EventID: 0x00000452
Time Generated: 07/11/2007 11:54:24
Event String: The printer could not be installed.
......................... MSXXXXX failed test systemlog
Running enterprise tests on : XXXXX.com
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the
scope
provided by the command line arguments provided.
......................... XXXXX.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\msXXXXX.XXXXX.COM
Locator Flags: 0xe00001fd
PDC Name: \\msXXXXX.XXXXX.COM
Locator Flags: 0xe00001fd
Time Server Name: \\msXXXXX.XXXXX.COM
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\msXXXXX.XXXXX.COM
Locator Flags: 0xe00001fd
KDC Name: \\msXXXXX.XXXXX.COM
Locator Flags: 0xe00001fd
......................... XXXXX.com passed test FsmoCheck
==========================================
"Paul Bergson [MVP-DS]" wrote:
Have you run dcdiag against it?
DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Doug B" <DougB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D532F118-8A5E-49DF-ABE5-B3B521696056@xxxxxxxxxxxxxxxx
I just tried the trial version and got the same results. FYI: I did a
filediff against the KB919151 download and they are the same files.
Open
to
more suggestions.
DB
"Paul Bergson [MVP-DS]" wrote:
Did you try the 32 bit version via the free download?
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Doug B" <DougB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:66F4F792-84A9-4A50-864F-02C09CCF4C52@xxxxxxxxxxxxxxxx
Yes the user I am using is Schema Admin, Enterprise Admin and Domain
Admin.
I am running the 32 bit on the FSMO role holder, which is the only
DC
in
the
current W2k domain. And it complains :
"Adprep was unable to complete because the call back function (null)
failed.
Error message: Unable to connect to the domain controller
"xxxxxxx.com".
"
And
"Adprep was unable to update forest-wide information.
Adprep requires access to existing forest-wide information from the
schema
master in order to complete this operation."
"Paul Bergson [MVP-DS]" wrote:
You get the code for your 32bit o/s, give it a whirl.
You are logged on as the schema admin when you go to extend this,
correct?
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Doug B" <DougB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:67AECD4D-D14C-4D24-94F3-BC49B03853A1@xxxxxxxxxxxxxxxx
Paul,
From this blog entry I went with option #2, which from my
reading
is a
better option to try. It comes from the MS KB919151.
Is there something better about the trial version that you know
of?
DB
"Paul Bergson [MVP-DS]" wrote:
Try downloading a trial version of Windows 2003 R2 and
extending.
http://technet.microsoft.com/en-us/windowsserver/bb430833.aspx
(From
http://blogs.dirteam.com/blogs/jorge/archive/2007/01/05/How-to-deploy-64-bit-R2-DCs-in-a-32-bit-W2K3-AD-environment.aspx)
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and confers
no
rights.
"Doug B" <DougB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CB93ED81-1830-41FE-B81E-7A3E6E9B4394@xxxxxxxxxxxxxxxx
I have only 1 DC in my 2000 domain, it is SP4 and up to date
(patch
wise). The 2003 R2 server is x64, so I got the hotfix
KB919151
from
microsoft. While running the adprep /forestprep (on the
current
dc
server as administrator) it errors out.
basically it is erroring out on two points.
"Adprep was unable to complete because the call back function
(null)
failed.
Error message: Unable to connect to the domain controller
"xxxxxxx.com". "
And
"Adprep was unable to update forest-wide information.
Adprep requires access to existing forest-wide information
from
the
schema master in order to complete this operation."
I have run dcdiag /c /v and it only reports failure on SMTP
service
not running and errors with kccevent. Both of which should
have
no
impact.
I also ran netdiag /v, no problems.
ran repadmin /showconn, it does show the one and only server
ran repadmin /showreps, again point to the dc server.
FSMO, all roles point to the current dc server.
Log follows: (this is the second attempt at running adprep,
the
first
shows
that it has upgraded the schema version to 31.)
=====================================================
Adprep created the log file ADPrep.log under
C:\WINNT\system32\debug
\adprep\logs\20070707151104 directory.
Adprep copied file D:\adprep\schema.ini from installation
point
to
local machine under directory C:\WINNT.
Adprep copied file D:\adprep\dcpromo.csv from installation
point
to
local machine under directory
C:\WINNT\system32\debug\adprep\data.
Adprep copied file D:\adprep\409.csv from installation point
to
local
machine under directory C:\WINNT\system32\debug\adprep\data.
Adprep successfully made the LDAP connection to the local
domain
controller XXXXXX.
Adprep was about to call the following LDAP API.
ldap_search_s().
The
base entry to start the search is (null).
LDAP API ldap_search_s() finished, return code is 0x0
Adprep successfully retrieved information from the local
directory
service.
Adprep successfully initialized global variables.
[Status/Consequence]
Adprep is continuing.
ADPREP WARNING:
Before running adprep, all Windows 2000 domain controllers in
the
forest should be upgraded to Windows 2000 Service Pack 1 (SP1)
with
QFE 265089, or to Windows 2000 SP2 (or later).
QFE 265089 (included in Windows 2000 SP2 and later) is
required
to
prevent potential domain controller corruption.
For more information about preparing your forest and domain
see
KB
article Q331161 at http://support.microsoft.com.
[User Action]
If ALL your existing Windows 2000 domain controllers meet this
requirement, type C and then press ENTER to continue.
Otherwise,
type
any other key and press ENTER to quit.
Adprep set the value of registry key
System\CurrentControlSet\Services
\NTDS\Parameters\Schema Update Allowed to 1
Adprep was about to call the following LDAP API. ldap_add_s().
The
entry to add is
cn=ForestUpdates,CN=Configuration,DC=XXXXX,DC=com.
LDAP API ldap_add_s() finished, return code is 0x44
Adprep attempted to create the directory service object
cn=ForestUpdates,CN=Configuration,DC=XXXXX,DC=com.
[Status/Consequence]
The object exists so Adprep did not attempt to rerun this
operation
but is continuing.
Adprep was about to call the following LDAP API. ldap_add_s().
The
entry to add is
cn=Operations,cn=ForestUpdates,CN=Configuration,DC=XXXXX,DC=com.
LDAP API ldap_add_s() finished, return code is 0x44
Adprep attempted to create the directory service object
cn=Operations,cn=ForestUpdates,CN=Configuration,DC=XXXXX,DC=com.
[Status/Consequence]
The object exists so Adprep did not attempt to rerun this
operation
.
- Follow-Ups:
- References:
- adprep failure, adding 2003 R2 x64 server to 2000 domain Options
- From: Doug B
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Options
- From: Paul Bergson [MVP-DS]
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Doug B
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Paul Bergson [MVP-DS]
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Doug B
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Paul Bergson [MVP-DS]
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Doug B
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Paul Bergson [MVP-DS]
- Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- From: Doug B
- adprep failure, adding 2003 R2 x64 server to 2000 domain Options
- Prev by Date: Re: RADIUS (IAS) and Cisco Concentrator? (PDF Attachment)
- Next by Date: Re: Urgent - Windows 2003 Trust and NAT
- Previous by thread: Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- Next by thread: Re: adprep failure, adding 2003 R2 x64 server to 2000 domain Optio
- Index(es):
Relevant Pages
|
