Exchange 2019: Prepare Active Directory

2019, Exchange, ,

This blog is a walk-through process of Exchange 2019 Active Directory Update including updating schema, active directory and domains for Microsoft Exchange Server 2019. The same steps can be used for any cumulative update versions.

Go through System Requirement and Prerequisites: https://laexugfoundation.org/prabhat/2019/12/e2019prereq

PrepareSchema

  • Disable the replication on the schema master domain controller by running the following cmdlets:

repadmin /options SchemaMasterDCName +DISABLE_OUTBOUND_REPL

repadmin /options SchemaMasterDCName +DISABLE_INBOUND_REPL


Verification:

Open Even Viewer and check directory services logs for the event id 1115 and 1113.




Install RSAT AD tools using Windows PowerShell to run AD update and preparation commands from Exchange 2019 server:

Install-windowsFeature RSAT-ADDS


    If you have already installed in from GUI then you will see below Exit code and Feature Result.

    

Run Exchange 2019 Schema Update

.\setup.exe /Prepareschema /IacceptExchangeServerLicenseTerms


Restart the DC once schema update completes.

Testing the DC working with the following tools

-Run Dcdiag, replication test will fail which is know because we have disabled replication

-Open mmc and connect to schema and review it is opening nicely. If you don’t see Schema mmc then run the below command and it will appear.

regsvr32 schmmgmt.dll

-Open ADUC and see if you can access the AD objects

Run the command to check the schema level.

dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=<Domain>,dc=<local> -scope base -attr rangeUpper

Example: dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,CN=Configuration,DC=Domain,DC=com -scope base -attr rangeUpper


    Now verify at Microsoft TechNet link here.


If the result is healthy then Enable the replication on the schema master domain controller, then enable the replication by running the following commands:

repadmin /options SchemaMasterDCName -DISABLE_OUTBOUND_REPL

repadmin /options SchemaMasterDCName -DISABLE_INBOUND_REPL


AD replication and verification:

-Open Active Directory Site and services and force the replication.

-Wait for the replication to complete.

-Open the command prompt and run the following commands to sync all domain controllers

repadmin /syncall /force

Open the command prompt and run the following commands to review the replication and any failed or error.

repadmin /replsum

repadmin /showrepl

Dcdiag /v

If you find the domain controller has got corrupted the active directory database, then continue to disable the replication and report a bug at Microsoft.

Once Microsoft collects all the reports, format this domain controller and seize the FSMO roles on the other domain controller. Now wait for Microsoft’s resolution or revised version of Exchange.

Remember you can’t revert FSMO seizing.

Verification:

Open Even Viewer and check directory services logs for the event id 1114 and 1116



AD schema update has completed.

PrepareAD

Important note: No Exchange Server 2013 roles have been detected in this topology. After this operation, you will not be able to install any Exchange Server 2013 roles.

In my setup there is no Exchange 2013 and no Exchange 2016 so Exchange AD preparation is informing that Exchange 2013 and 2016 can’t be installed after we run this command.

If you have any plan or application compatibility requirement to install Exchange 2013 and 2016 then make sure to do it before starting Exchange 2019 schema update.

Run the following Exchange 2019 Active directory Preparation command:

.\setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms /OrganizationName:orgname


PrepareAD has completed here.

PrepareDomain

In a multi-domain active directory forest, we can either run /preparedomain to update one domain at a time or use /preparealldomains to update all domains in one go.

Run the following Exchange 2019 Domain Preparation command:

.\setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms


Domain Preparation has completed here.

We can again test and run the Active Directory health checks.

This completes Exchange 2019 Active Directory Preparation.

Prabhat Nigam

Team@GoldenFiveConsulting

CTO @ Golden Five | CEO at LAExUG Foundation

Prabhat is 3 times Microsoft MVP Award winner. He is MBA in Information Technology and he is working as a CTO at Golden Five Consulting which is a Microsoft Gold Partner, MSP, T1CSP, and Education partner. He helps in designing, implementing, managing and supporting solutions for private messaging cloud, mergers, a collaboration between different messaging software and other migration & deployment projects for the following technologies Office 365, Azure, AWS, Exchange, SQL, ADFS, MFA, FIM, MIM and Directory services. He has worked for all big IT giants either as an employee or contractor where he has led the Global teams. He has started his career as Technical Consultant in Exchange 5.5 with Microsoft PSS and his exchange love never stopped & continued with 2000/2003/2007/2010/2013/2016/2019/O365. At one point in time, he was the only person to support EDS customers when Microsoft had closed all the supports for 5.5 and now for all old legacy Exchange versions.
He used to blog at MSExchangeGuru.com, manages multiple LinkedIn and Facebook Groups. He also Owns MSExchnageGuru YouTube channel where he uploads all his records technical sessions. Don’t forget to check his PowerShell scripts which are making admins life easier. Prabhat can be reached at PN@GoldenFive.net.

Leave Comment

Your email address will not be published. Required fields are marked *