Adding a 2003R2 x64 DC to an existing 2003 x32 DC

Discussion in 'Active Directory' started by K_Kenney, Apr 11, 2006.

  1. K_Kenney

    K_Kenney Guest

    I'm in the process of adding an additional domain controller to an existing
    2003 domain. I've run the adprep /forestPrep and /domainPrep on the current
    2003 x32 controller and then run the dcpromo on the new R2 x64 server.

    Everything goes fine and it starts to examine the existing forest and then
    fails. It "cannot continue because the forest is not prepared for installing
    Windows Server 2003." It goes on to tell me to use the adprep tool, which
    I've already done and then it states:
    "The version of the Active Directory schema of the source forest is not
    compatible with the version of Active Directory on this computer."

    So, I'm lost. Deep in the forest it appears.

    Thanks in advance for any help!
    K_Kenney, Apr 11, 2006
    1. Advertisements

  2. K_Kenney

    Herb Martin Guest

    Assuming the ADprep ran without error the next
    things to check are:

    1) Replication AFTER the ADprep (use DCDiag)

    2) Proper DNS config for both DNS servers AND
    all the DCs including the one being promoted

    Most replication or authentication errors are really DNS.

    Sometimes something more complicated or DCPromo/prep
    is responsible for failure to add an uplevel DC but start with
    these (and they are easy to check.)

    DNS for AD
    1) Dynamic for the zone supporting AD
    2) All internal DNS clients NIC\IP properties must specify SOLELY
    that internal, dynamic DNS server (set.)
    3) DCs and even DNS servers are DNS clients too -- see #2
    4) If you have more than one Domain, every DNS server must
    be able to resolve ALL domains (either directly or indirectly)

    netdiag /fix

    ....or maybe:

    dcdiag /fix

    (Win2003 can do this from Support tools):
    nltest /dsregdns /server:DC-ServerNameGoesHere

    Ensure that DNS zones/domains are fully replicated to all DNS
    servers for that (internal) zone/domain.

    Also useful may be running DCDiag on each DC, sending the
    output to a text file, and searching for FAIL, ERROR, WARN.

    Single Label domain zone names are a problem Google:
    [ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
    Herb Martin, Apr 12, 2006
    1. Advertisements

  3. K_Kenney

    K_Kenney Guest

    When I ran the adprep, it didn't give an error, but it didn't actually run
    either. It said the domain-wide information has already been update and that
    adprep did not rerun this operation.

    But, the dcdiag was worse.
    I'm getting an error:
    Directory Binding Error -2146892976: The system detected a possible attempt
    to compromise security. Please ensure that you can contact the server that
    authenticated you.
    I'm running dcdiag with Enterprise and Domain Admin.

    So. Thanks for the help! Need to do some more digging. The two existing
    servers and the third one I'm trying to install are all behind a firewall,
    there are none between the servers.


    K_Kenney, Apr 12, 2006
  4. K_Kenney

    Herb Martin Guest

    Hopefully someone here knows that error -- I had a friend
    indicate it the other day and some trouble finding a reference
    on the MS site.

    If you find the answer (to the Binding error especially) please
    post it.

    Herb Martin, MCSE, MVP
    Accelerated MCSE
    [phone number on web site]
    Herb Martin, Apr 12, 2006
  5. Jorge de Almeida Pinto [MVP], Apr 17, 2006
  6. K_Kenney

    K_Kenney Guest

    That will probably do it, except the x32 server doesn't like the x64 file.
    Been google-ing for the file, but can't seem to find a place to get the x32

    Thanks for pointing me in the right direction though!
    K_Kenney, Apr 27, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.