The Adprep Process

[February 2004]
The Adprep Process
Your first steps toward a Windows 2003 AD infrastructure
By: Sean Deuby
Focus
InstantDoc #41402
From the February 2004 edition of Windows IT Pro

By now, you've heard a lot about Windows Server 2003 and the advantages it might hold for your Active Directory (AD) infrastructure. If you've looked at the product documentation, you've probably discovered that the Windows 2000–to–Windows 2003 domain controller (DC) upgrade process is straightforward. But you might not realize that before you can upgrade to a Windows 2003 AD infrastructure, you need to use the Adprep utility to prepare your Win2K AD forest schema and structure.

The Adprep process appears to be straightforward. The utility has two options: Forestprep, which you run once for the forest, and Domainprep, which you run once in each domain. Although executing the process doesn't take long, you need to make sure that you fully understand the utility's prerequisites and prepare for its effects because Adprep has a permanent impact on the entire forest.

Adprep Prerequisites
As with any major system change, you should review the Microsoft Knowledge Base for any information related to Adprep that didn't make it into the product documentation. For example, the Microsoft article "Hotfixes to Install on Windows 2000 Domain Controllers Before Running Adprep /Forestprep" (http://support.microsoft.com/?kbid=331161) details which service pack level and hotfixes you should have in place before you run the utility. Essentially, you should have at least Win2K Service Pack 2 (SP2) installed on your DCs. If you have a lot of DCs or a large AD database (the article doesn't define large), you should install SP3 because it contains a fix that makes indexing for new attributes an operation that has little impact on a DC's performance. Because SP4 is the current service pack, this requirement shouldn't present a problem.

Even though the schema upgrade is a well-understood process with few failures, it's also irreversible. After you execute Forestprep and its changes have replicated to your forest, performing an authoritative restore of your entire AD infrastructure is the only way to back out. Before you run a large schema upgrade, make sure your AD infrastructure is healthy. You should have system-state backups of at least two DCs in each domain, and you should have tested the backup restores. If you have a large AD database (C:\%systemroot%\ntds\ntds.dit), you should have backups of every DC; a restore from tape is faster than replicating and rebuilding the database. The Microsoft article "How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003" (http:// support.microsoft.com/?kbid=325379) provides up-to-date details about upgrading your Win2K DCs to Windows 2003 and discusses auditing your domains for down-level clients and making sure your DCs are at the correct software level. If you run or intend to run Microsoft Exchange 2000 Server in your forest, check out the article's discussion about how Forestprep redefines three non–Internet Engineering Task Force (IETF) Request for Comments (RFC)–compliant attributes: houseIdentifier, secretary, and labeledURI. If you've already run the Win2K InetOrPerson Kit, you shouldn't have a problem. If you haven't and you run Forestprep, you might mangle the attributes. Therefore, before you run Adprep, run a Lightweight Directory Access Protocol (LDAP) Data Interchange Format (LDIF) file that fixes the Exchange schema problems. See "How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003" for details.

Another little-known consideration of the DC upgrade is that it disables the Distributed Link Tracking Server service, a service that pairs with the Distributed Link Tracking Client service to track links (e.g., shortcuts) as files move on a computer or among computers. Microsoft recommends that you disable the service on DCs (do so now; you don't have to wait until you install Windows 2003) to reduce replication overhead and delete the Distributed Link Tracking tables in AD to reduce database size. See the Microsoft article "Distributed Link Tracking on Windows-Based Domain Controllers" (http://support.microsoft.com/?kbid=312403) for details.

Forestprep Execution and Console Output
To run Forestprep, log on to the forest's schema master console with an account that's a member of both the Enterprise Admins and Schema Admins groups. By default, the schema master is the first DC in the forest. You can identify the schema operations master by running the Netdom Query FSMO command (from the Microsoft Windows 2000 Resource Kit).

Although you could separate adprep.exe and its required files, prestaging the entire \i386 folder to a temporary folder on the schema master and all infrastructure masters is easier and lets you locally execute the Forestprep and Domainprep commands. The Forestprep command is simple:

adprep /forestprep

After giving you a warning about the need to upgrade all your DCs to at least Win2K SP2, Forestprep gives you the following prompt to make sure you've installed Win2K SP2 or later:

[User Action]

Prev. page [1] 2 3 4 5 next page

You must log on before posting a comment.

If you don't have a username & password, please register now.

ADS BY GOOGLE SPONSORED LINKS

Increase SQL Server Performance: Free White Paper by Editor's Best winner, Texas Memory Systems.

Order Your SharePoint Fundamentals CD!: Learn how to uncover rich information management capabilities with this free SharePoint CD.

Try Idera’s new SQL admin toolset!: 24 essential desktop tools for managing SQL Server for $495.

Evaluating Your Database Infrastructure: The wind of change is in the air for your corporate databases. SQL Server 2008 and other new technologies can mean it is possible to deploy more powerful and effective databases.

True High Availability for SQL Servers: SQL Server DBA’s must ensure that they have some form of protection in place. This seminar gives useful tips on HA and resources that are available for your disaster recovery planning.

Simplify your data management: Affordable multi-database query and design tool-- free trial!

Virtualization Congress Oct. 14-16: Don't miss Virtualization Congress, the premiere EMEA conference dedicated to hardware, OS and application virtualization. Oct. 14-16 in London.

FEATURED LINKS

Coming This Fall –SharePoint Live Event Series: Join SharePoint experts Wendy Henry and Michael Noel for best practices regarding infrastructure, design, redundancy, site administration, and ECM. Early Bird Price of $99

Find a new job on the all new IT Job Hound!: Search jobs, post your resume, and set up job e-mail alerts!

Master SharePoint with 3 eLearning Seminars!: Learn how to customize field types, create scheduled services, and go further with the Content Query Web Part with MVP Andrew Connell. Register today!

Virtualization for Mission-Critical BI with SQL Server: Join this Aug. 20th web seminar to learn a different approach to virtualization for BI-based application infrastructure. Ask questions of live experts!

Windows IT Pro Is Your Definitive Source for BI Tools: Our tools are BI-lateral (relating to both the front and back ends of BI). Build the best platforms and reports with help from SQL Server Magazine. Master data-delivery with solutions in Windows IT Pro. Choose the resource that's right for you.

	SQL Server Magazine Register Subscribe FAQ for Windows WinInfoNews
	Contact Us / Customer Service Editorial Calendar Media Kit Affiliates / Licensing Technical Resources Directory
	Windows IT Pro Office & SharePoint Pro Windows Dev Pro IT Library Connected Home Windows Excavator SuperSite IT Job Hound ITTV

	Copyright © 2008 Penton Media, Inc. All rights reserved. Terms and Use Privacy Statement Reprints and Licensing

Search

Related Whitepapers

Related Events

Related eBooks

Related Essential Guides

Related Resources

vLabs Links

SQL Job Openings

ADS BY GOOGLE SPONSORED LINKS

FEATURED LINKS