Windows IT Pro is the authoritative and independent resource for windows nt, windows 2000, windows 2003, windows xp. Features a collection of resources and magazines for windows IT professionals.
  
  
  Advanced Search 


February 2004

The Adprep Process

Your first steps toward a Windows 2003 AD infrastructure
From the February 2004 Edition
of Windows IT Pro
Sean Deuby
Focus
InstantDoc #41402
Windows IT Pro
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
Subscribe to Windows IT Pro | See More Active Directory (AD) Articles Here | Reprints | Or get the Monthly Online Pass—only $5.95 a month!

By now, you've heard a lot about Windows Server 2003 and the advantages it might hold for your Active Directory (AD) infrastructure. If you've looked at the product documentation, you've probably discovered that the Windows 2000–to–Windows 2003 domain controller (DC) upgrade process is straightforward. But you might not realize that before you can upgrade to a Windows 2003 AD infrastructure, you need to use the Adprep utility to prepare your Win2K AD forest schema and structure.

The Adprep process appears to be straightforward. The utility has two options: Forestprep, which you run once for the forest, and Domainprep, which you run once in each domain. Although executing the process doesn't take long, you need to make sure that you fully understand the utility's prerequisites and prepare for its effects because Adprep has a permanent impact on the entire forest.

Adprep Prerequisites
As with any major system change, you should review the Microsoft Knowledge Base for any information related to Adprep that didn't make it into the product documentation. For example, the Microsoft article "Hotfixes to Install on Windows 2000 Domain Controllers Before Running Adprep /Forestprep" (http://support.microsoft.com/?kbid=331161) details which service pack level and hotfixes you should have in place before you run the utility. Essentially, you should have at least Win2K Service Pack 2 (SP2) installed on your DCs. If you have a lot of DCs or a large AD database (the article doesn't define large), you should install SP3 because it contains a fix that makes indexing for new attributes an operation that has little impact on a DC's performance. Because SP4 is the current service pack, this requirement shouldn't present a problem.

Even though the schema upgrade is a well-understood process with few failures, it's also irreversible. After you execute Forestprep and its changes have replicated to your forest, performing an authoritative restore of your entire AD infrastructure is the only way to back out. Before you run a large schema upgrade, make sure your AD infrastructure is healthy. You should have system-state backups of at least two DCs in each domain, and you should have tested the backup restores. If you have a large AD database (C:\%systemroot%\ntds\ntds.dit), you should have backups of every DC; a restore from tape is faster than replicating and rebuilding the database. The Microsoft article "How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003" (http:// support.microsoft.com/?kbid=325379) provides up-to-date details about upgrading your Win2K DCs to Windows 2003 and discusses auditing your domains for down-level clients and making sure your DCs are at the correct software level. If you run or intend to run Microsoft Exchange 2000 Server in your forest, check out the article's discussion about how Forestprep redefines three non–Internet Engineering Task Force (IETF) Request for Comments (RFC)–compliant attributes: houseIdentifier, secretary, and labeledURI. If you've already run the Win2K InetOrPerson Kit, you shouldn't have a problem. If you haven't and you run Forestprep, you might mangle the attributes. Therefore, before you run Adprep, run a Lightweight Directory Access Protocol (LDAP) Data Interchange Format (LDIF) file that fixes the Exchange schema problems. See "How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003" for details.

Another little-known consideration of the DC upgrade is that it disables the Distributed Link Tracking Server service, a service that pairs with the Distributed Link Tracking Client service to track links (e.g., shortcuts) as files move on a computer or among computers. Microsoft recommends that you disable the service on DCs (do so now; you don't have to wait until you install Windows 2003) to reduce replication overhead and delete the Distributed Link Tracking tables in AD to reduce database size. See the Microsoft article "Distributed Link Tracking on Windows-Based Domain Controllers" (http://support.microsoft.com/?kbid=312403) for details.

Forestprep Execution and Console Output
To run Forestprep, log on to the forest's schema master console with an account that's a member of both the Enterprise Admins and Schema Admins groups. By default, the schema master is the first DC in the forest. You can identify the schema operations master by running the Netdom Query FSMO command (from the Microsoft Windows 2000 Resource Kit).

Although you could separate adprep.exe and its required files, prestaging the entire \i386 folder to a temporary folder on the schema master and all infrastructure masters is easier and lets you locally execute the Forestprep and Domainprep commands. The Forestprep command is simple:

adprep /forestprep

After giving you a warning about the need to upgrade all your DCs to at least Win2K SP2, Forestprep gives you the following prompt to make sure you've installed Win2K SP2 or later:

[User Action]
   Previous  [1]  2  3  4  5  Next 


Reader Comments

You must log on before posting a comment.

If you don't have a username & password, please register now.




Top Viewed ArticlesView all articles
WinInfo Short Takes: Week of November 24, 2008

An often irreverent look at some of the week's other news, including a Vista Capable dismissal request, Zune price reductions, Morrow musings, Novell and Microsoft sitting in a tree ... two years later, Yahoo!, IE 6 on Windows Mobile, and so much more ...

Command Prompt Tricks

One reader shares his tip for setting up the command prompt to reflect a remote path. ...

PsExec

This freeware utility lets you execute processes on a remote system and redirect output to the local system. ...
Active Directory (AD) Whitepapers Sustainable Compliance: How to reconnect compliance, security and business goals

Managing Unix/Linux with Microsoft System Center Operations Manager 2007 Cross Platform Extensions Beta

Addressing the Insider Threat with NetIQ Security and Administration Solutions
Related Events Concrete Ways to Make Sure Your SharePoint Deployment Doesn't Blow Up

Virtualization 101

Introduction to Identity Lifecycle Manager "2"

Check out our list of Free Email Newsletters!
Windows OSs eBooks Understanding and Leveraging Code Signing Technologies

Keeping Your Business Safe from Attack: Monitoring and Managing Your Network Security

Windows 2003: Active Directory Administration Essentials
Related Active Directory (AD) Resources Become a VIP member of the Windows IT Pro community!
Get it all with the VIP CD and VIP access. A $500+ value for only $279!

Subscribe to Windows IT Pro!
Solve your toughest technical problems with our experts and access 10,000 + articles online. 30% off

Monthly Online Pass - Only $5.95!
Get instant access to 10,000+ articles from Windows IT Pro Magazine!

TechNet Virtual Labs
Evaluate and test Microsoft's newest products.



ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
Is Your Approach to VMware Server Recovery Outdated?
Is your data protected from server failure? Download this white paper to find the best way to back up, recover, and restore your VMware ESX Server 3.x.

Maximize speed, performance and reliablity of your PCs and servers—automatically!
Speed Up Your PC! Try Diskeeper 2008 with InvisiTasking Free Now!

GoGrid Offers FREE Trial for Windows Cloud Servers
Deploy Windows Server 2003 and 2008 with free load balancing through GoGrid’s award winning web-based GUI – all in less than 5 minutes

Order Your SQL Fundamentals CD Today!
Learn how to use SQL Server, understand Office integration techniques and dive into the essentials of SQL Express and Visual Basic with this free SQL Fundamentals CD.
You've Deployed SharePoint...Now What?
This one-day free online conference delivers the technical knowledge needed to kick MOSS up a notch. In one information-packed day, independent SharePoint experts will present practical, real-world information and provide take-away, ready-to-use solutions

Ease Your Scripting Pains with the Flexibility of PowerShell!
Paul Robichaux equips you with PowerShell basics in 3 introductory lessons, each followed by live Q&A—all on your own computer! Register today!

What Would You Do If You Ran Microsoft?
ITTV's 2008 inaugural video contest, "If I Ran Microsoft..." is your chance to tell it like it is. Be goofy or be serious, but don"t miss this chance to have fun, win prizes, and go viral in a major way.

Maximize Your SharePoint Investment
This web seminar discusses how true bi-directional replication of SharePoint content from one server to another enables branch offices to maintain access to current SharePoint content.

Rock Your Knowledge, and Compete with Friends and Colleagues!
Are you the Web Application Performance Guru in your office? It's time to have fun! Download now to access the crossword puzzle. Challenge yourself and complete this fun activity!
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro Windows Dev Pro IT Job Hound ITTV
IT Library Technology Resource Directory Connected Home Windows Excavator Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved. Terms and Use | Privacy Statement | Reprints and Licensing