KnowledgeBase: Adprep "not a valid Win32 application" error on Windows Server 2003, 64-bit version

Reading Time: 4 minutes

Microsoft KnowledgeBaseRecently, Microsoft released KnowledgeBase article 2743367 with the ominous title Adprep "not a valid Win32 application" error on Windows Server 2003, 64-bit version.

When you’ve been reading this blog, you might have already guessed what might be causing this issue, even though adprep.exe on the Windows Server 2012 DVD is a perfectly fine Windows 64bit application.

In Windows Server 2012, Active Directory Domain Services features a new upgrade process. I’ve detailed this new process in detail in the blog post titled New features in Active Directory Domain Services in Windows Server 2012, Part 3: New Upgrade Process last month.

Basically, this upgrade process introduces four new features:

  1. Automatic Active Directory domain and forest preparation when you promote the first Windows Server 2012-based server to a Domain Controller.
  2. Automatic targeting of the Domain Controllers holding the appropriate Flexible Single Master operations (FSMO) roles for preparation steps.
  3. Although adprep.exe is still available for large deployments with security and process concerns surrounding schema extensions and the like, it’s only available as a 64bit executable. There is no 32bit version of adprep.exe available.
  4. Adprep.exe is now multilingual.

 

Apparently, you are looking to prepare the Active Directory domain and/or forest of your organization(s), featuring Windows Server 2003 x64-based Domain Controllers, for Windows Server 2012-based Domain Controllers and features. You are running into the error mentioned above:

Adprep "not a valid Win32 application" error on a Windows Server 2003 x64-based Domain Controller (click for original screenshot)

To resolve this issue, follow these steps:

  • Install a physical box or virtual machine with Windows Server 2012 or the 64bit version of Windows 8.

Note:
You can use the evaluation version of any of these two Windows versions, when you don’t plan to keep the installation around after you’ve prepared the domain.

Note:
Although Windows Server 2012 is only available as 64bit, Windows 8 is still available as both a 32bit and 64bit. Be sure to install a 64bit version of either Windows 8 Professional or Windows 8 Enterprise.

  • Make sure the new installation has appropriate DNS name resolution settings for the Active Directory domain and forest. These settings may include DNS Server IP addresses, and DNS search suffixes.
  • On this installation copy the entire contents of the \support\adprep folder from the Windows Server 2012 DVD.
  • Run adprep.exe from this folder.

From the list below, run the commands associated with the task(s) you’d like to perform:

 

Preparation steps

Preparing the forest

To prepare the Active Directory forest, run the following command:

adprep.exe /forestprep /forest domain.tld /user EntAdm /userdomain domain.tld /password P@ssw0rd

Where you should replace domain.tld with the DNS name for the Active Directory forest root domain and both EntAdm and P@ssw0rd with valid credentials within the forest root domain to prepare the Active Directory forest for Windows Server 2012.

Note:
By default, members of the Enterprise Admins group and the Domain Admins group in the forest root domain have the required permissions to prepare the forest root domain.

After you issue the command type c followed by [Enter].

The following line at the end of the output will indicate preparation of the domain was successful:

Adprep successfully updated the domain-wide information

 

Preparing the forest for Read-only Domain Controllers (optional)

To prepare the Active Directory forest, run the following command:

adprep.exe /rodcprep /forest domain.tld /user EntAdm /userdomain domain.tld /password P@ssw0rd

Where you should replace domain.tld with the DNS name for the Active Directory forest root domain and both EntAdm and P@ssw0rd with valid credentials within the forest root domain to prepare the Active Directory forest for Windows Server 2012.

The following line at the end of the output will indicate preparation of the domain was successful:

Rodcprep completed without errors. All partitions are updated. See the ADPrep.log in directory C:\Windows\debug\adprep\logs\ <date> for more information.

 

Preparing the domain

To prepare the Active Directory forest, run the following command:

adprep.exe /domainprep /domain domain.tld /user DomAdm /userdomain domain.tld /password P@ssw0rd

Where you should replace domain.tld with the DNS name for the Active Directory forest root domain and both EntAdm and P@ssw0rd with valid credentials within the forest root domain to prepare the Active Directory forest for Windows Server 2012.

Note:
By default, members of the Domain Admins groups have the required permissions to prepare the domain.

Note:
The Active Directory domain needs to run at least the Windows 2000 Server Native Domain Functional Level (DFL) for this command to execute correctly.

After executing, the output from this command mentions Microsoft KnowledgeBase article 324392 for more information on fixing up Group Policy permissions. Look in the paragraph above that for the following line:

Adprep successfully updated the domain-wide information

When you see this line, preparation of the domain was successful.

 

Fixing up Group Policy permissions

To fix up Group Policy permissions, run the following command:

adprep.exe /domainprep /gpprep /domain domain.tld /user DomAdm /userdomain domain.tld /password P@ssw0rd

The following line at the end of the output will indicate preparation of the domain was successful:

Adprep successfully updated the Group Policy Object (GPO) information.

 

Checking Preparation replication

When done with the preparation steps, the Active Directory Schema would be at 56. You can manually check the schema version per Domain Controller with the following command-line one-liner from any of your Windows Server 2003 x64-based Domain Controllers:

repadmin /showattr * "cn=schema,cn=configuration,dc=domain,dc=tld" /atts:objectVersion

Note:
Repadmin.exe is not built into Windows Server 2003, as it is in newer versions of Windows Server. To use repadmin.exe in Windows Server 2003, install the Windows Server 2003 Support Tools.

When all your Domain Controllers report Schema version 56, the Active Directory preparation has replicated to all Domain Controllers.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.