With the release of Windows Server 2008, more and more companies are starting to use it. Sometimes, we have to face this situation, we want to keep the original Windows Server 2003 Active Directory, do not want to rebuild a new forest. Whether this can be achieved and how it is implemented is what the administrators want to know. Today we will focus on how to add Windows Server 2008 domain controllers to Active Directory running Windows 2000 Server or Windows Server 2003.
To achieve this goal, you need to make some changes to the existing Active Directory. First, we must update the existing Active Directory schema. Update the schema from the domain controller that holds the schema operations master role. If you are performing an unattended installation of AD DS for Windows Server 2008, you must update the schema before installing the operating system. For a normal installation, you must update the schema after running setup before installing AD DS. Here's how to complete this step.
To perform this operation, the account used must belong to the following group:
o Enterprise Admins
o Schema Admins
o Domain containing the schema host Domain Admins
Preparing Forest Architecture for Windows Server 2008
1. Log in to the schema host using an account that is a member of Enterprise Admins, Schema Admins, and Domain Admins groups.
2. Insert the Windows Server 2008 DVD into your CD or DVD drive.
3. Click Start, click Command prompt, enter command line mode,
4. Enter the following command and press Enter.
D:\\sources\\adprep\\adprep /forestprep
D: Is the drive letter of the CD or DVD drive (depending on the machine).
5. If you plan to install an RODC to any domain in the forest, enter the following command and press Enter.
D:\\sources\\adprep\\adprep /rodcprep
6. Allow the operation to complete and allow the change to be replicated to the entire forest in a domain that is ready to run Windows Server 2008 for any other domain Before the controller.
After completing the preparation for the forest, you need to prepare for the domain where you want to install the Windows Server 2008 domain controller.
To complete this task, the operator must be a member of the Domain Admins group. It is not enough for the Enterprise Admins group to perform this operation.
1. Use the following method to verify which domain controller the domain's infrastructure master role is located on:
" In Active Directory Users and Computers, right-click on the domain object and select Operate the host and click on the infrastructure.
2. Log in to the infrastructure host using an account that belongs to the Domain Admins group.
3. Insert the Windows Server 2008 DVD into your CD or DVD drive.
4. Click Start, click Command prompt, enter command line mode,
5. Enter the following command, then press Enter.
D:\\sources\\adprep\\adprep /domainprep /gpprep
6. Allow the operation to complete and allow the changes to be replicated throughout the forest when you install a domain controller running Windows Server 2008 prior to.
Next, you can install Windows Server 2008 domain controllers in the usual way. The specific steps for improvement are not described here.
After the upgrade is complete, how do I verify that the domain controller is working properly? We can use the following tools to determine:
" Active Directory Sites and Services
" DNS Manager
" Event Viewer
" Netdiag.exe
" Dcdiag.exe
" Repadmin.exe
" Ntfrsutl.exe
" Gpotool.exe< Br>
Here are some examples to illustrate that when you run the repadmin /showreps command on a domain controller, if a result similar to the following appears, the directory service replication works fine.
SITE_NAME\\DC1_NAME
DC Options: IS_GC
Site Options: (none)
DC object GUID: 69f94b64-3ab9-40b0-b098-de4ac0110835
DC invocationID: 660a6637-800c-48b4-833d-7e87c44d0a65
=== INBOUND NEIGHBORS ===================== >
DC=domain_name,DC=net
SITE_NAME\\DC2_NAME via RPC
DC object GUID: 3198bc33-6275-49be-a5b0-f666cdaf6eb5
Last attempt @ 2008-06-05 11:04:13 was successful.
SITE_NAME\\DC3_NAME via RPC
DC object GUID: 267f375c-dc1e-456d-b820-87b4c5f69b14
Last Attempt @ 2008-06-05 11:04:13 was successful.
When you run the ntfrsutl sets dc_name command on a domain controller, a result similar to the following appears, indicating that FRS replication is also normal.
Cxtion: 4BFDA462-27DD-4E27-9743-7A3BB12C3C86
(34a88443-e27b-40fa-9e64a17a9f242f68)
Partner : NNHCDC2 (923b0a69-a2b0-4de5-a9f7a340157f5bd7)
PartDnsName : dcname.domainname.net
PartSrvName : domainname\\dcname$
PartPrincName: domainname\\dcname$
PartSid : S-1-5 -21-1000673501-3501767921-787702556-1480
OrigGuid : 00000000-0000-0000-0000000000000000
State : 7
Flags : 000000c1 Flags [Consistent JoinGuidValid UnJoinGuidValid ]< Br>
CxtionOptions: 00000000 Flags [<Flags Clear>]
Inbound : TRUE
JrnlCxtion : FALSE
PartnerAuth : 0
TermCoSn : 0
JoinCmd : 0x00000000
CoCount : 0
CommQueue : 10
CoPQ : 00000000
UnjoinTrigger: 0
UnjoinReset : 0
Comm Packets : 5
PartnerMajor : 0
PartnerMinor : 8
JoinGuid : c517d13e-5e44-d751-8c2c920474f3d785
LastJoinTime : Thu Jun 5, 2008 01:22:15
LastSndStatus: ERROR_SUCCESS
NoFailedSnds : 0< Br>
When you run the gpotool /dc:dcname /verbose command on a domain controller, a result similar to the following appears, indicating that the Active Directory and Group Policy in SYSVOL are consistent.
Domain: domainname.com
Validating DCs...
Available DCs:
dcname
Searching for policies...
Found 2 policies
============================================
Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
Friendly name: Default Domain Policy
Policy OK
Details:
- -------------------------------------------------- ---------
DC: dcname
Friendly name: Default Domain Policy
Created: 6/12/2008 8:51:59 AM< Br>
Changed: 6/12/2008 8:58:24 AM
DS version: 1(user) 3(machine)
Sysvol version: 1(user) 3( Machine)
Flags: 0 (user side enabled; machine side enabled)
User extensions: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D- 00C04FA372D4}]
Machine extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827 D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2$88-11D1-A28C-00C04FB94F17}]
Functionality version: 2
1. Enter the control panel, select the program and function; 2, double-click the program to be unins
Windows 8 Developer Preview X86 Chinese language pack, which is what we call the Chinese package. Ho
Microsoft recently announced the system requirements for Windows 8 tablet devices, covering both Int
Steven Sinofsky, President of Microsoft Windows, wrote a blog today, detailing the new boot and shut
Win8.1 Webpage Copy Prohibited Solution
Win8 system security mode and system performance skills
Microsoft: Touch programs and Windows 8 are the beginning of a global revolution
Using Win8 system refresh and system reset to easily recover the system method
Easy to open Win8.1 virtual keyboard scheme
The Win8 system does not currently have access to the folder solution
How to delete the win8 sleep file
Windows 8 always displays case lock and number lock icons on the desktop
Microsoft Windows 8 Language Manager Screenshot Leak
How to solve the abnormal problem of Windows 8 application running
How to quickly and easily close the system application of Win8.1
Win10 Mobile Preview 10549 adds DPI zoom to make the phone become a computer skill
How to activate the official version of Windows10? How to activate Windows 10
What should I do if the win7 application is garbled?
Master files in the cleaning system have a trick
Share the secrets of WinXP hotkey small holes
How does Win10 retrieve the Word toolbar?