Forest Prep Failure due to OS X Schema

Archived from groups: microsoft.public.win2000.active_directory (More info?)

ah, that was logical.

This is the output.

Connecting to "servername.domain.domain.domain.domain"
Logging in as current user using SSPI
Importing directory from file "rename.txt"
Loading entries
1:
CN=unixID,CN=Schema,CN=Configuration,dc=domain,dc=domain,dc=domain,dc=domain
Entry modified successfully.


There is a syntax error in the input file
Failed on token starting with '1' on line 17
1 entry modified successfully.
An error has occurred in the program


like 17 seems to be a line with - on it

Archived from groups: microsoft.public.win2000.active_directory (More info?)

In news:1127097508.244770.325730@g14g2000cwa.googlegroups.com,
Taylor555@gmail.com <Taylor555@gmail.com> made this post, which I then
commented about below:
> Currently having an issue with upgrading 4dc to win2k3, when a adprep
> /forestprep is done it returns an error in the ldif logs saying
>
> "20:
> CN=x500uniqueIdentifier,CN=Schema,CN=Configuration,DC=mbi,DC=ufl,DC=edu
> Entry DN:
> CN=x500uniqueIdentifier,CN=Schema,CN=Configuration,DC=mbi,DC=ufl,DC=edu
> Add error on line 275: Unwilling To Perform"
>
> the DC has had the OS X Schema update applied to it several years ago,
> it is no longer needed.
>
> I have attempted to follow the KB Article >
> http://support.microsoft.com/?kbid=887426 < and it's only until I get
> up to Part 3 where I start getting confused.
>
> part 3 step b (with dc=forest,dc=root replaced with my domain) giving
> me an error.
>
> Connecting to "servername.domain.domain.domain.domain"
> Logging in as current user using SSPI
> Importing directory from file "rename.txt"
> Error occured during initialization
> File operation failure
> 0 entries modified successfully.
> An error has occurred in the program
>
> i have noticed that when running that step it tries to import a file
> called rename.txt, but where does the file come from? it's not being
> generated from anyplace that i can tell unless you remove the -i from
> the command in part 3 step b, but this means that microsoft made a
> typo which is kinda unlikely.
>
> We have 4DCs here each running win2k SP, I have our 4 DCs in a test
> environment which is an exact replica of the production environment,
> so I can afford to play around with some things.
>
>
> any advice?

If you read the rest of that article, the next grayed out box has the
rename.txt that you have to create by copying and pasting into notepad, then
save it to a location you can run ldifde from. You can save it to C: drive,
then run ldifde from C: drive so it can find rename.txt. For your
convenience, I am copying/pasting the ldif file (rename.txt) here. You can
copy and paste it from here or from the article. Give that a shot and report
back if you still have problems.

Copy and paste what is between the "===" lines but do not copy the "==="
line itself.
=================================
# Script to recover from Apple's use of W2K3 object identifier 2.5.4.45
#
# Run this script on the Windows 2000 Schema FSMO
# SYNTAX C:> ldifde -i -f rename.txt -v -c DC=X dc=forest,dc=root
# Note: replace dc=forest,dc=root with the forest root for your enterprise

dn: CN=unixID,CN=Schema,CN=Configuration,DC=X
changetype: Modify
replace: lDAPDisplayName
lDAPDisplayName: x500uniqueIdentifier
-

dn: CN=unixID,CN=Schema,CN=Configuration,DC=X
changetype: modrdn
newrdn: cn=x500uniqueIdentifier
deleteoldrdn: 1
-

dn:
changetype: Modify
add: schemaUpdateNow
schemaUpdateNow: 1
=================================


--
Regards,
Ace

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================

Archived from groups: microsoft.public.win2000.active_directory (More info?)

In news:1127102708.554836.153750@g49g2000cwa.googlegroups.com,
Taylor555@gmail.com <Taylor555@gmail.com> made this post, which I then
commented about below:
> ah, that was logical.
>
> This is the output.
>
> Connecting to "servername.domain.domain.domain.domain"
> Logging in as current user using SSPI
> Importing directory from file "rename.txt"
> Loading entries
> 1:
> CN=unixID,CN=Schema,CN=Configuration,dc=domain,dc=domain,dc=domain,dc=domain
> Entry modified successfully.
>
>
> There is a syntax error in the input file
> Failed on token starting with '1' on line 17
> 1 entry modified successfully.
> An error has occurred in the program
>
>
> like 17 seems to be a line with - on it

Hmm, well at least it got one of the changes done. The dash denotes end of
record for each section. Maybe a syntax in that section to change RDN? This
is what it is supposed to look like.

dn: CN=unixID,CN=Schema,CN=Configuration,DC=X
changetype: modrdn
newrdn: cn=x500uniqueIdentifier
deleteoldrdn: 1
-

Now, if the syntax was correct, and the attribute was already changed while
you were testing it or from a previous run, maybe that's why the error
because the value it is looking for is no longer there. You can go into the
schema snapin to manually check if it was changed. Please check it to see if
they were changed. if you can't find a "unixID", and the
"x500uniqueIdentifier" exists, then that means it was already changed. if
the other way around, then it didn't change it yet.

Also look for "lDAPDisplayName" if it is "x500uniqueIdentifier" too, since
that is what it's changing it to.

You can actually change it manually in there too, but let the script handle
it to insure no errors.

Let's take a look at your file. Please copy and paste the file you used in
your reply, or attach it as a .txt file to your post, if you can. Let me
take a look at it please.

Ace

Archived from groups: microsoft.public.win2000.active_directory (More info?)

It seems to have worked fine, the adprep /forestprep and /domainprep
finished without issue this time. I'll be upgrading the 4dcs in the
test lab to 2k3 and remove the schema after that.

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Update.

started the upgrade of the primary DC which holds the FSMO roles...
completed the winnt32.exe /checkupgradeonly and it was okay.

started the upgrade, it started to install, rebooted as normal.. (i
left the office)
i got back to the office and the monitor was totally blank with the
monitor light being lit. tried the monitor without a KVM, no
difference.. tried all the basic things to get it back with no luck..
the computer was hard rebooted

the computer now turns on, starts loading the windows 2003 server
screen when it stops and restarts... it does a loop of this.

directory services recover mode doesn't work, nor does safemode or last
known good configuration.

i booted off the cd again and resumed the upgrade... it tries to
continue but then reboots and the the same thing above starts
happening.

so what can i do? i made sure i did a system state backup before i
commenced this. just install win2k server again, complete the restore
and try again?

or can i blow away the system and start a fresh install and dcpromo it?
but since this is the DC that is the schema master and everything is
that a wise idea?

advice?

Archived from groups: microsoft.public.win2000.active_directory (More info?)

In news:1127179952.905733.150430@g14g2000cwa.googlegroups.com,
Taylor555@gmail.com <Taylor555@gmail.com> made this post, which I then
commented about below:
> Update.
>
> started the upgrade of the primary DC which holds the FSMO roles...
> completed the winnt32.exe /checkupgradeonly and it was okay.
>
> started the upgrade, it started to install, rebooted as normal.. (i
> left the office)
> i got back to the office and the monitor was totally blank with the
> monitor light being lit. tried the monitor without a KVM, no
> difference.. tried all the basic things to get it back with no luck..
> the computer was hard rebooted
>
> the computer now turns on, starts loading the windows 2003 server
> screen when it stops and restarts... it does a loop of this.
>
> directory services recover mode doesn't work, nor does safemode or
> last known good configuration.
>
> i booted off the cd again and resumed the upgrade... it tries to
> continue but then reboots and the the same thing above starts
> happening.
>
> so what can i do? i made sure i did a system state backup before i
> commenced this. just install win2k server again, complete the restore
> and try again?
>
> or can i blow away the system and start a fresh install and dcpromo
> it? but since this is the DC that is the schema master and everything
> is that a wise idea?
>
> advice?

DOn't blow it away. And apparently a system state restore won't work since
you can't get into Windows, unless your backup software has the opton for a
bare-metal restore.

Try booting from the Win2003 cd and select R, then R again to "upgrade" it,
which is pretty much a fresh install but keeping your current settings and
configuration.

When upgrading there are a few things to keep in mind, one is to disable any
AV software and remove any cards such as LPT cards, or modems, etc. It
sounds like either a driver issue or the MBR got hosed.

Check out this FAQ:

Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003
Domain
http://support.microsoft.com/default.aspx?scid=kb;en-us;555040

Ace