Archive

Archive for July, 2011

Error Running ADPrep /rodcprep

Recently working with one of my customers I ran into this issue when running the ADPrep /rodcprep while upgrading from Windows Server 2003 AD to Windows Server 2008 R2 AD.  ADPrep /forestprep and /domainprep /gpprep ran without issue.

Issue

Found in ADPrep log after running adprep /rodcprep on a Domain Controller.

Adprep found partition DC=DomainDnsZones,DC=domain,DC=com, and is about to update the permissions.
Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Infrastructure,DC=DomainDnsZones,DC=domain,DC=com.
LDAP API ldap_search_s finished, return code is 0x0
Adprep could not contact a replica for partition DC=DomainDnsZones,DC=domain,DC=com.
Adprep encountered an LDAP error.
Error code: 0x0. Server extended error code: 0x0, Server error message: (null).
Adprep failed the operation on partition DC=DomainDnsZones,DC=domain,DC=com. Skipping to next partition.

This issue was caused by a previous DC failure that held the Infrastructure Master FSMO role on it and had to be seized.

You can use tools such as the LDP tool, the Active Directory Service Interfaces (ADSI) Edit tool, and the ldifde tool to perform these queries. For example, the following query uses the Idifde tool:

ldifde -f Infra_DomainDNSZones.ldf -d “CN=Infrastructure,DC=DomainDnsZones,DC=contoso,DC=com” -l fSMORoleOwner

This query returns the infrastructure master role owner for the DC=DomainDnsZones,DC=domain,DC=com partition to the Infra_DomainDNSZones.ldf file.

Resolution

http://support.microsoft.com/kb/949257

Run the VBS script with the following command:

cscript fixfsmo.vbs DC=DomainDnsZones,DC=domain,DC=com

Categories: Active Directory