Exchange 2016: Prepare Active Directory
This blog is a walk through process of updating schema, active directory and domains for Exchange 2016. The same steps can be used for any cumulative update or any current Exchange server version.
Disable the replication on the schema master domain controller
repadmin /options SchemaMasterDCName +DISABLE_OUTBOUND_REPL
repadmin /options SchemaMasterDCName +DISABLE_INBOUND_REPL
Open Even Viewer and check directory services logs for the event id 1115 and 1113.
Install RSAT AD tools using Windows PowerShell to run AD update and preparation commands from Exchange 2016 server:
If you have already installed in from GUI then you will see below Exit code and Feature Result.
Run Exchange 2016 Schema Update
.\setup.exe /Prepareschema /IacceptExchangeServerLicenseTerms
Restart the DC once schema update completes.
Testing the DC working with the following tools
-Run Dcdiag, replication test will fail which is know because we have disabled replication
-Open mmc and connect to schema and review it is opening nicely
-Open ADUC and see if you can access the AD objects
Run the command to check the schema level.
dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=<Domain>,dc=<local> -scope base -attr rangeUpper
Example: dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=mig2016,dc=com -scope base -attr rangeUpper
Now verify at Microsoft TechNet link here.
If the result is healthy then Enable the replication on the schema master domain controller, then enable the replication by running the following commands:
repadmin /options SchemaMasterDCName -DISABLE_OUTBOUND_REPL
repadmin /options SchemaMasterDCName -DISABLE_INBOUND_REPL
AD replication and verification:
-Open Active Directory Site and services and force the replication.
-Wait for the replication to complete.
-Open the command prompt and run the following commands to sync all domain controllers
repadmin /syncall /force
-Open the command prompt and run the following commands to review the replication and any failed or error.
If you find the domain controller has got corrupted the active directory database, then continue to disable the replication and report a bug at Microsoft. Once issue has been reported.
Once Microsoft collects all the reports, format this domain controller and seize the FSMO roles on the other domain controller. Now wait for Microsoft’s resolution or revised version of Exchange.
Remember you can’t revert FSMO seizing.
Open Even Viewer and check directory services logs for the event id 1114 and 1116
AD schema update has completed.
Important note: No Exchange Server 2013 roles have been detected in this topology. After this operation, you will not be able to install any Exchange Server 2013 roles.
In my setup there is Exchange 2010 and no Exchange 2013 so Exchange AD preparation is informing that Exchange 2013 can’t be installed after we run this command.
If you have any plan or application compatibility requirement to install Exchange 2013 then make sure to do it before starting Exchange 2016 schema update.
Run the following Exchange 2016 Active directory Preparation command:
.\setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms /OrganizationName:orgname
PrepareAD has completed here.
In a multi-domain active directory forest, we can either run /preparedomain to update one domain at a time or use /preparealldomains to update all domains in one go.
Run the following Exchange 2016 Domain Preparation command:
.\setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms
Domain Preparation has completed here.
We can again test and run the Active Directory health checks.
This completes Exchange 2016 Active Directory Preparation.
Microsoft MVP | Exchange Server