In my last article on this subject – which is located HERE I started explaining how you can ago about upgrading your Windows 2000 domain (and Active Directory) to Windows 2003 when you have a single DC with Exchange 2003 Installed on it – or – if you have the scenario where you have more than one domain controller which is Windows 2000 based but Exchange 2003 is installed on one of the DC’s.
I went through how you can close down Exchange for the process, and how you can enabled the Windows schema for updating, I further went on to explain how you can avoid “Mangled” attributes when you come to run the Windows 2003 schema update.
Before I get on with the process of upgrading the servers to Windows 2003 I would like to clarify what platforms Exchange is supported to run on:
|
Version of Exchange |
Installed on Windows 2000 |
Installed on Windows 2003 |
| Exchange 2000 with or without SP1 | Yes – and can be installed with Windows 2000 domain controllers | No – and cannot be installed where your domain controllers are all Windows 2003 |
| Exchange 2000 with SP 2 | Yes – and can be installed with Windows 2000 domain controllers | No – however a hotfix can be installed to allow Exchange 2000 to work with Windows 2003 DC’s |
| Exchange 2000 with SP 3 and above | Yes – and can be installed with Windows 2000 domain controllers | No – however it can be installed in a domain with Windows 2003 DC’s |
| Exchange 2003 | Yes | Yes |
So from the above it is important to Note that IF you are using this article to upgrade your Windows 2000 domain controller to Windows 2003 AND you are running EXCHANGE 2000 on the same machine – then YOU MUST UPGRADE EXCHANGE FIRST – please bear in mind that I am writing about Exchange 2003 already being installed on the Windows 2000 machine – Exchange 2000 will not work on a Windows 2000 machine or domain controller.
Step 4 – Pre-checks before updating the Schema:
In single Domain Controller environments this step can normally be skipped, however I recommend running through them just in case there is a problem with your Domain Controller / Exchange server that you are not aware of:
At this stage you should download the Windows 2000 SP4 Support tools which are available from here: http://download.microsoft.com/download/2/0/C/20C1B0F7-B803-4BAB-BA2F-27DDCADAD68E/sp4supporttools.exe
When you have downloaded the tools you should install them on your server.
- Check that Active Directory is functioning properly;
To do this open a command prompt on your server and then type in c:\cd program files\support tools\ then press enter.
Then type in this command: dcdiag /v >c:\dcdiag.txt then press enter – the following is an example of what you screen should look like:
You then need to navigate to the root of the C:\ drive on your server where you will find a file called “dcdiag.txt” – open this file in Windows Notepad and look through for any errors – you will need to get these resolved BEFORE you proceed to the next step – for reference below is an example of the DCDiag.txt files from my test lab machine – now there is a possibility that there will be some errors in your logs, unfortunately I cannot go through them all them as some are very much environment specific – however the most common are replication errors (if you have more than one DC or Error events that have been logged in the Directory / System or File Replication Service Event logs – bear in mind they might be old events that you have fixed – however you SHOULD ensure that all errors from the DCDIAG log are fixed before proceeding.
Domain Controller DiagnosisPerforming initial setup:
* Verifying that the local machine LDN-EX1, is a DC.
* Connecting to directory service on server LDN-EX1.
* Collecting site info.
* Identifying all servers.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\LDN-EX1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... LDN-EX1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\LDN-EX1
Starting test: Replications
* Replications Check
......................... LDN-EX1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ldn,DC=com
* Security Permissions Check for
CN=Configuration,DC=ldn,DC=com
* Security Permissions Check for
DC=ldn,DC=com
......................... LDN-EX1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... LDN-EX1 passed test NetLogons
Starting test: Advertising
The DC LDN-EX1 is advertising itself as a DC and having a DS.
The DC LDN-EX1 is advertising as an LDAP server
The DC LDN-EX1 is advertising as having a writeable directory
The DC LDN-EX1 is advertising as a Key Distribution Center
The DC LDN-EX1 is advertising as a time server
The DS LDN-EX1 is advertising as a GC.
......................... LDN-EX1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=LDN-EX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ldn,DC=com
Role Domain Owner = CN=NTDS Settings,CN=LDN-EX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ldn,DC=com
Role PDC Owner = CN=NTDS Settings,CN=LDN-EX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ldn,DC=com
Role Rid Owner = CN=NTDS Settings,CN=LDN-EX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ldn,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=LDN-EX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ldn,DC=com
......................... LDN-EX1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 3102 to 1073741823
* LDN-EX1.ldn.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 2602 to 3101
* rIDNextRID: 2810
* rIDPreviousAllocationPool is 2602 to 3101
......................... LDN-EX1 passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/LDN-EX1.ldn.com/ldn.com
* SPN found :LDAP/LDN-EX1.ldn.com
* SPN found :LDAP/LDN-EX1
* SPN found :LDAP/LDN-EX1.ldn.com/LDN
* SPN found :LDAP/51cd3921-8b34-4dca-89a9-59b82cacdc54._msdcs.ldn.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/51cd3921-8b34-4dca-89a9-59b82cacdc54/ldn.com
* SPN found :HOST/LDN-EX1.ldn.com/ldn.com
* SPN found :HOST/LDN-EX1.ldn.com
* SPN found :HOST/LDN-EX1
* SPN found :HOST/LDN-EX1.ldn.com/LDN
* SPN found :GC/LDN-EX1.ldn.com/ldn.com
......................... LDN-EX1 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
......................... LDN-EX1 passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
LDN-EX1 is in domain DC=ldn,DC=com
Checking for CN=LDN-EX1,OU=Domain Controllers,DC=ldn,DC=com in domain DC=ldn,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=LDN-EX1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ldn,DC=com in domain CN=Configuration,DC=ldn,DC=com on 1 servers
Object is up-to-date on all servers.
......................... LDN-EX1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... LDN-EX1 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... LDN-EX1 passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... LDN-EX1 passed test systemlog
Running enterprise tests on : ldn.com
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... ldn.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\LDN-EX1.ldn.com
Locator Flags: 0xe00001fd
PDC Name: \\LDN-EX1.ldn.com
Locator Flags: 0xe00001fd
Time Server Name: \\LDN-EX1.ldn.com
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\LDN-EX1.ldn.com
Locator Flags: 0xe00001fd
KDC Name: \\LDN-EX1.ldn.com
Locator Flags: 0xe00001fd
......................... ldn.com passed test FsmoCheck
When you are happy that the any issues found in your logs have been fixed, we are ready to proceed with the Schema Update – before we do this however, if you have more than one DC in your domain I recommend that you remove the Network connection from the Domain Controller / Exchange Server that you are working on (I am assuming that this server will also be your Schema Master FSMO role holder) – my reason for this is:
- This will prevent the DC that you are working on from replicating the schema changes to any other domain controller in your domain, this can act as a final safety net in the Event that something goes wrong you can use the remaining DC to resurrect your domain be seizing all of the FSMO roles on to it. You might have also read that you can disable out-bound replication using the support tools “repadmin” tool – however I have heard that this does not always work, so the remove the plug method is the safest way.
If you are thinking, but I only have one domain controller – what if it goes wrong – that is why we took a backup in Step 1.
Step 5 – The process to update the schema and domain:
On your Domain Controller / Exchange server place the Windows 2003 CD-ROM in the drive and then open a Windows command prompt and then type in the following:
<Letter of your CD-ROM Drive> – for example D: and press enter.
cd i386 <enter>
adprep /ForestPrep <enter>
You will be presented with the following screen as long as your server meets the criteria displayed then proceed to the next part:
Type in C and then press <enter> setup will then begin to upgrade the Schema – see below:
When ADPREP has finished you will be presented with the following screen:
This means that you are now in a position to run the Domain Prep – if you have two or more domain controllers it is at this stage where you should plug your Domain Controller / Exchange server back into the network and go and have a cup of tea whilst domain replication take places.
When you come back from the command prompt type:
adprep /domainprep <enter>
The screen will change to look like the example below (domainprep does not take long)
Then type in the following command at the command prompt
adprep /domainprep /gpprep <enter>
When you have done the above you are ready to upgrade the entire machine to Windows 2003.
From the command prompt (ensuring that you are still in I386) type WINNT32 and then press <enter> – Window 2003 setup will then launch – see below;
Ensure that the UPGRADE option is selected and then click on the “Next” button – the screen will change to the following;
Ensure that the click on the “I Accept the agreement option” and then click on the “Next” button.
Enter in the product key that you have for Windows (no you don’t get to see mine 
) and then click on the “Next” button.
You will then be asked if you wish to update Windows setup to the latest version – you can either choose yes or no here, I will leave it up to you, however when you have made your choice click on the “Next” button.
Here you will be prompted with the software that has been found on your system which may experience issues with Windows 2003 – generally speaking if you have a Warning you can click on the “Next” button, however if you have an Error – you will need to rectify the problem before continuing.
When you click on the “Next” button setup will then reboot your computer and install the options that you have selected.
Here I recommend that you go away, make dinner, have a cup of tea and then get through the first six missions in Half Life 2 as its going to take a little while to perform the upgrade (about 1.5 hours or so).
When the installation has completed your system will reboot and when completed you (hopefully) will be presented with the familiar CTRL-ALT-Delete dialog box, only this time for Windows 2003 – see below;
Logon to your Domain Controller / Exchange server and then open a command prompt – in the first part of this article I got you to install the Exchange2003-DomainUpgradePrep.vbs into c:\upgrd – please type in the following:
cd upgrd <enter>
cscript.exe c:\upgrd\Exchange2003-DomainUpgradePrep.vbs PrepCom <enter>
This will enable and then start all of the Exchange Services – which should be checked via the Services MMC – if some services do not appear to enable and start – please enable them manually and then reboot the machine.
When all of the services have started, open up the ESM and ensure that all databases have been mounted and the Organisation looks the way it was prior to the upgrade – then – open up OWA from a client and try to log into a mailbox and send some mail.
Other tests that you can perform include, sending mail in, and ensuring that MAPI clients can connect to the server.
When you are happy that everything is functioning normally you can go about applying Service Packs and Updates – but that is another article all together – remember to beware of Windows 2003 SP2 with Exchange servers!
