Re: 2003 SP2 to 2003 SP2 R2 on a forest root DC

Tech-Archive recommends: Fix windows errors by optimizing your registry

Looks good with the exception that I would also run a couple of other
diagnostics prior to the upgrade.

-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take
into account slow links to dc's will also add to the testing time.

When complete search for fail, error and warning messages.

Description and download for dnslint
http://support.microsoft.com/kb/321045


--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Mark Z." <MarkZ@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B98E1341-E163-4C50-A99F-C9D3E7ACF368@xxxxxxxxxxxxxxxx
We have 2003 DCs with SP2 and we'd like to upgrade all DCs to 2003 R2
(with
SP2 obviously), mainly for the FRS Replication feature. We have 2 DCs in
the
forest root and 12 (will be 14 in a week or so) in the child domain all at
2003 SP2 now. My main concern is that the forest root has a CA on it.
Obviously I'll be backing up the CA (using "Back up CA..." in cert
services)
but I'm still concerned.

This DC is important, to sum it up, it is:
- Root CA
- Schema Master
- Domain Naming Master
- Authoritative Time server
- Global Catalog
- Operations Master
- Infrastructure Master
- PDC Emulator
- Intersite Topology Generator
- IP Bridgehead
- DNS Server

Obviosuly I am taking a system state backup of this DC daily. Replication
is
checked every hour also. There is another forest root DC in another part
of
the country in a different site. Just making sure I don't need to move the
CA
or any FSMO roles.

So my plan is:
1. Backup system state and CA
2. Run repadmin /replsum /bysrc /bydest /sort:delta just to make sure no
issues
2. Run adprep /forestprep out of the \cmpnents\R2 folder off our Server
2K3
R2 SP2 volume license disc
3. Run adprep /domainprep in both the parent and child domain (on the PDC
emulator)
4. Add components of R2 as needed using Add/Remove Windows components

...there's probably 6 or 7 reboots in there somewhere ;)

Any issues with this plan? Will my CA get harmed in the process?


.

Relevant Pages

  • Re: New child domain
    ... Error message when you run the Active Directory Installation Wizard: ... When I try to create a new child domain aA. ... I get the request to run Adprep on Schema master and infrastructure ... forest is ready and the domain is ready. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Upgrading the Schema Master - [WildPacket]
    ... Please remember that the two FSMO Roles of Schema Master and Domain Naming ... 'Forest Root Domain'. ... company.com) you can then go to each Domain and drop in the Windows Server ...
    (microsoft.public.windows.server.active_directory)
  • Re: Orphaned Child Domains into new forest
    ... without its forest root. ... You have a forest root domain and a child domain. ... When responding to posts, please "Reply to Group" via your newsreader so ...
    (microsoft.public.windows.server.migration)
  • Re: Domain Migration
    ... clone all objects on the Win 2k Child Domain to the ... Win 2003 Forest Root. ... > the child domain into the 2003 forest root domain. ... > hospital and access to the internal website is critical. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Migrate standalone domain to new forest as child domain
    ... > -Create new forest, use ADMT to migrate company.com in as a child domain ... > newcompany.com forest root domain does not exist, ...
    (microsoft.public.windows.server.active_directory)