So this weekend I was starting the refresh of my home setup, removing all the Windows 2008 servers and replacing them with Windows 2012 servers, the first old Domain controller went fine, but the 2008 R2 DC would not run DCPromo correctly to demote the server out of the domain.
All the FSMO roles had been moved to the replacement servers but on running dcpromo i go the message "Directory Service is missing mandatory configuration information...unable to determine ownership of floating single-master operation roles"
This directed me to http://support.microsoft.com/kb/949257 which did not seem to be a solution, but did fix the solution. This does seem to show a potental issue with Active Directory that the Infrastructure master FSMO role is stored in both the domain configuration and the DNS zones, As such it is probably worth checking any forest/domain where the original Domain controller has been removed to confirm if the DNS zones have also been updated.
Saturday, 8 December 2012
Wednesday, 7 November 2012
Windows Active Directory Version Upgrades
This week I am on a Windows 2012 course to update my technical certification and a question was asked by one of the other attendees could he update his Active Directory currently running on a pair of Windows 2000 and 2003 servers to two new ones both running Windows 2012 and what the easiest way to get from A to B. All we could find on-line was that the ADPrep tool would only run on a 64Bit Windows 2008 Server.
This needed a definitive answer so here it is.
I started with a Windows 2000 SP4 Active Directory Single Domain Forest. Running in Native Mode.
The Windows 2003 AdPrep was run against the Forest and Domain with no comments. From there a Windows 2003 SP2 Domain controller was added with no issues. I made both these servers Global Catalogs. On the Windows 2000 server (as it held all the FSMO roles) the Windows 2008 R2 AdPrep ran for Forest and Domain preparation with no complaints (just making sure that all the Windows 2000 servers were running SP4) and again a new DC was added this time a 64Bit Windows 2008 R2 server.
So still in Windows 2000 Forest and Domain Functional Level, it is possible to host, Windows 2000 SP4, Windows 2003 SP2 and Windows 2008 R2 (and I assume R1) Domain Controllers with no problems.
The next stage was to do the AD preparation for Windows 2012, this stated that it needed a minimum of only Windows 2003 servers in the domain, so all the FSMO roles were moved to the other domain controllers and the Windows 2000 was demoted. The ADPrep ran successfully at this point for both Forest and Domain preparation.
On trying to promote the Windows 2012 to become a Domain Controller it announced that the Forest Functional level needed to be raised to Windows 2003, do this also raised the Domain functional level to 2003, but then the Windows 2012 Server could be made a Domain Controller.
This needed a definitive answer so here it is.
I started with a Windows 2000 SP4 Active Directory Single Domain Forest. Running in Native Mode.
The Windows 2003 AdPrep was run against the Forest and Domain with no comments. From there a Windows 2003 SP2 Domain controller was added with no issues. I made both these servers Global Catalogs. On the Windows 2000 server (as it held all the FSMO roles) the Windows 2008 R2 AdPrep ran for Forest and Domain preparation with no complaints (just making sure that all the Windows 2000 servers were running SP4) and again a new DC was added this time a 64Bit Windows 2008 R2 server.
So still in Windows 2000 Forest and Domain Functional Level, it is possible to host, Windows 2000 SP4, Windows 2003 SP2 and Windows 2008 R2 (and I assume R1) Domain Controllers with no problems.
The next stage was to do the AD preparation for Windows 2012, this stated that it needed a minimum of only Windows 2003 servers in the domain, so all the FSMO roles were moved to the other domain controllers and the Windows 2000 was demoted. The ADPrep ran successfully at this point for both Forest and Domain preparation.
On trying to promote the Windows 2012 to become a Domain Controller it announced that the Forest Functional level needed to be raised to Windows 2003, do this also raised the Domain functional level to 2003, but then the Windows 2012 Server could be made a Domain Controller.
Subscribe to:
Comments (Atom)