I want to add an additional domain controller to our existing domain. Right now we have only have one domain controller running on Windows Server 2003. I tried to promote a Windows Server 2012 to be another domain controller for our domain. Unfortunately the prerequisites check fails with the message:
Verification of prerequisites for Active Directory preparation failed. A previous schema
extension has defined some attribute value differently than the schema extension needed for
this version of Windows Server.
Is there a possibility to check, what's wrong here and how to fix this? I found the log file and it complains about quite some attribute values:
=============================================================================
"attributeId" attribute value for objects defined in Windows 2000
schema and extended schema do not match. [2013/01/14:10:50:39.622] A
previous schema extension has defined the attribute value as
"1.2.840.113556.1.4.7000.187.70" for object
"CN=uidNumber,CN=Schema,CN=Configuration,DC=xxx,DC=de" differently
than the schema extension needed for Windows Server 2008 R2.[Status/Consequence] Adprep cannot extend your existing schema
[User Action] Contact the vendor of the application that previously
extended the schema to resolve the inconsistency. Then run adprep
again. [2013/01/14:10:50:39.627]============================================================================= "attributeId" attribute value for objects defined in Windows 2000
schema and extended schema do not match. [2013/01/14:10:50:39.627] A
previous schema extension has defined the attribute value as
"1.2.840.113556.1.4.7000.187.71" for object
"CN=gidNumber,CN=Schema,CN=Configuration,DC=xxx,DC=de" differently
than the schema extension needed for Windows Server 2008 R2.[Status/Consequence] Adprep cannot extend your existing schema
[User Action] Contact the vendor of the application that previously
extended the schema to resolve the inconsistency. Then run adprep
again. [2013/01/14:10:50:39.628]
and some more…
I found out that the active directory schema was updated by an (unfinished) lync installation 2 yeas ago. Maybe this has caused the problems now.
I don't know if there was initially a Windows 2000 DC installed.
Best Answer
The Microsoft Support Team finally found a solution to this problem. The real underlying problem is: Microsoft Windows Services for UNIX 2.0 is installed in the Windows Server 2003 forest or in the Windows 2000 forest. If you try to prepare the Windows Server 2003 forest for Windows Server 2003 R2 (or higher) you receive the following error message:
To fix this behavior there is a hot fix: http://support.microsoft.com/kb/919938. After installing the fix I was able to promote the Windows Server 2012 as domain controller next to a Windows Server 2003 domain controller.
I want to say thank you to all of you here for your support in this question. The answers and comments gave valuable hints to head towards the right direction.