Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

Exchange Server 2007 : Migrating from Windows 2000 Server to Windows Server 2003 (part 3) - Upgrading the AD Schema Using adprep

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
2/9/2014 8:27:01 PM

4. Upgrading a Windows 2000 Server Active Directory Forest

In many cases, the Windows 2000 environment that will be migrated includes one or many Active Directory domains and forests. Because Active Directory is one of the most important portions of a Microsoft network, it is also one of the most important areas to focus on in a migration process. In addition, many of the improvements made to Windows Server 2003 are directly related to Active Directory, making it even more appealing to migrate this portion of an environment.

Because Exchange 2007 requires the active forest to be at a Windows Server 2003 functional level, the organization needs to proceed with the steps to migrate to Windows 2003. As a benefit, in addition to getting a forest that is ready to support Exchange 2007, the following additional functionality is available with a Windows Server 2003 forest:

  • Domain Rename Capability— Windows Server 2003 Active Directory supports the renaming of either the NetBIOS name or the Lightweight Directory Access Protocol (LDAP)/DNS name of an Active Directory domain. The Active Directory rename tool can be used for this purpose, but only in domains that have completely upgraded to Windows Server 2003 domain controllers.

  • Cross-Forest Transitive Trusts— Windows Server 2003 now supports the implementation of transitive trusts that can be established between separate Active Directory forests. Windows 2000 supported only explicit cross-forest trusts, and the trust structure did not allow for permissions to flow between separate domains in a forest. This limitation has been lifted in Windows Server 2003.

  • Universal Group Caching— One of the main structural limitations of Active Directory was the need to establish very “chatty” global catalog servers in every site established in a replication topology, or run the risk of extremely slow client logon times and directory queries. Windows Server 2003 enables remote domain controllers to cache universal group memberships for users so that each logon request does not require the use of a local global catalog server.

  • Inter-Site Topology Generator (ISTG) Improvements— The ISTG in Windows Server 2003 has been improved to support configurations with extremely large numbers of sites. In addition, the time required to determine site topology has been noticeably improved through the use of a more efficient ISTG algorithm.

  • Multivalued Attribute Replication Improvements— In Windows 2000, if a universal group changed its membership from 5,000 users to 5,001 users, the entire group membership had to be rereplicated across the entire forest. Windows Server 2003 addresses this problem and allows incremental membership changes to be replicated.

  • Lingering Objects (Zombies) Detection— Domain controllers that have been out of service for a longer period of time than the Time to Live (TTL) of a deleted object could theoretically “resurrect” those objects, forcing them to come back to life as zombies, or lingering objects. Windows Server 2003 properly identifies these zombies and prevents them from being replicated to other domain controllers.

  • AD-Integrated DNS Zones in Application Partition— Replication of DNS zones has been improved in Windows Server 2003 by storing AD-integrated zones in the application partition of a forest, thus limiting their need to be replicated to all domain controllers and reducing network traffic.

4.1 Migrating Domain Controllers

When planning a migration of the Active Directory environment, it is considered wise to make a plan to upgrade all domain controllers in an environment to Windows Server 2003. Unlike with member servers, the full benefits of the Active Directory improvements in Windows Server 2003 and the ability to install Exchange 2007 in the forest are not fully realized until the entire environment is “Windows Server 2003 functional.”

The domain controllers can either be directly upgraded to Windows Server 2003 or replaced by newly introduced Windows Server 2003 domain controllers. The decision to upgrade an existing server largely depends on the hardware of the server in question. The rule of thumb is, if the hardware will support Windows Server 2003 now and for the next 2 to 3 years, a server can be directly upgraded. If this is not the case, using new hardware for the migration is preferable.

Note

A combined approach can be and is quite commonly used to support a scenario in which some hardware is current but other hardware is out-of-date and will be replaced. Either way, the decisions applied to a proper project plan can help to ensure the success of the migration.


4.2 Upgrading the AD Schema Using adprep

The introduction of Windows Server 2003 domain controllers into a Windows 2000 Active Directory requires that the core AD database component, the schema, be updated to support the increased functionality. In addition, several other security changes need to be made to prepare a forest for inclusion of Windows Server 2003. The Windows Server 2003 CD includes a command-line utility called adprep that will extend the schema to include the extensions required and modify security as needed. Adprep requires that both forestprep and domainprep be run before the first Windows Server 2003 domain controller can be added.

The Active Directory schema in Windows 2000 is composed of 1,006 attributes, by default, as shown in Figure 3. After running adprep forestprep, the schema will be extended to include additional attributes that support Windows Server 2003 functionality.

Figure 3. ADSI Edit before running forestprep.

Note

Windows Server 2003 R2 contains additional schema updates, above and beyond the additions that the RTM version of Windows Server 2003 introduced. If adprep is run from a server running R2, the schema will be extended to include not only the 2003 enhancements, but the R2 ones as well.


The adprep utility must be run from the Windows Server 2003 CD or copied from its location in the \i386 folder. The adprep/forestprep operation can be run on the server that holds the Schema Master Operations Master (OM) role by following these steps:

1.
On the Schema Master domain controller, choose Start, Run, type cmd in the Open text box, and click OK to open a command prompt.

2.
Enter the Windows Server 2003 CD into the CD drive.

3.
Where D: is the drive letter for the CD drive, type in D:\i386\adprep/forestprep, and press Enter.

4.
Upon verification that all domain controllers in the AD forest are at Windows 2000 Server Service Pack 2 or greater, type C at the prompt and press Enter.

5.
The forestprep procedure extends the Windows 2000 AD schema. After the schema is extended, it is replicated to all domain controllers in the forest. Finally, close the command prompt window.

After this step is accomplished, the domainprep procedure must be run.

The adprep /domainprep operation must be run once in every domain in a forest. It must be physically invoked on the server that holds the Operations Master (OM) role. The steps for executing the domainprep procedure are as follows:

1.
On the Operations Master domain controller, open a command prompt (choose Start, Run, type cmd, and press Enter).

2.
Enter the Windows Server 2003 CD into the CD drive.

3.
Where D:\ is the CD drive, type D:\i386\adprep/ domainprep and press Enter.

4.
Type exit to close the command prompt window.

After the forestprep and domainprep operations are run, the Active Directory forest will be ready for the introduction or upgrade of Windows Server 2003 domain controllers. The schema is extended and includes support for application partitions and other enhancements. The process of upgrading the domain controllers to Windows Server 2003 can then commence.

Note

Any previous extensions made to a Windows 2000 schema, such as those made with Exchange 2000/2003, are not affected by the adprep procedure. This procedure simply adds additional attributes and does not change those that currently exist.

Other -----------------
- Microsoft Systems Management Server 2003 : Understanding Status Summarizers (part 3) - Configuring Status Summarizers - Site System Status Summarizer
- Microsoft Systems Management Server 2003 : Understanding Status Summarizers (part 2) - Configuring Status Summarizers - Component Status Summarizer
- Microsoft Systems Management Server 2003 : Understanding Status Summarizers (part 1) - Display Interval , Status Message Thresholds
- Microsoft Systems Management Server 2003 : Analysis and Troubleshooting Tools - Working with Status Messages (part 2) - Setting Status Message Viewer Options
- Microsoft Systems Management Server 2003 : Analysis and Troubleshooting Tools - Working with Status Messages (part 1) - Viewing Site Status Messages
- Microsoft Dynamic CRM 4 : Data Migration (part 4) - Creating a Data Migration
- Microsoft Dynamic CRM 4 : Data Migration (part 3) - Creating a CRM Adapter Publisher
- Microsoft Dynamic CRM 4 : Data Migration (part 2) - Scribe Workbench - Target Configuration
- Microsoft Dynamic CRM 4 : Data Migration (part 1) - Scribe Workbench - Source and Target Definitions, Source Configuration
- BizTalk 2006 : Using BizTalk Framework 2.0 Reliable Messaging (part 2) - Acknowledgement Verification
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server