Home

Utilising more than 4GB of RAM with Windows Server 2003 Standard Edition - Enabling /PAE /3GB

July 15, 2008 04:23 by SamMcGeown

We recently needed to upgrade one of our applications, and the new version requires an addition server instead of the application and SQL it requires a back end search, a front end web server and a SQL server. The specifications of the new server which are "required" to qualify for support are pretty high. The problem is that the actual processor usage is very light, and it is very hard to justify buying a whole new server that I know is going to be barely used.

The alternative plan was to virtualise the servers, make use of the existing physical hardware, upgrade the RAM and add a couple of drives to the RAID array, which we opted for because it would cost less than £300, instead of £3000.

I forgot, however, the 4GB limitations of Windows Server 2003. 32 bit processors cannot address more than 4GB of RAM, so to get round that you can use Physical Address Extensions (using the /PAE switch in the boot.ini) which enables you to utilise more than the standard 4GB.

Typically a 32 bit system with 4GB RAM will allow 2GB for the kernel, and 2GB for the Applications to use. This means that each application can virtually address up to 2GB of RAM. You can change this balance using the /3GB option in the boot.ini to allow 3GB for applications. Think carefully before doing this!

To enable PAE:

  1. Right click "My Computer", select "Properties"
  2. Select the "Advanced" tab and click the "Startup and Recovery" button
  3. Under "System startup" you can click "Edit" to open the boot.ini file.
  4. BE CAREFUL! You can render you OS unbootable! Add the /PAE and /3GB options to the startup (see below for an example) Save, OK and reboot.

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003, Standard" /PAE /3GB /fastdetect

It's worth noting that if you have DEP (Data Execution Protection) turned on then PAE will be turned on by default. DEP is on automatically in Windows Server 2003 SP1 - you'll see the /noexecute=[policy level] in the boot.ini

Digg It!DZone It!StumbleUponTechnoratiRedditDel.icio.usNewsVineFurlBlinkList

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Tags: , , , , , , , ,
Categories: VMWare | Windows Server 2003
Actions: E-mail | Permalink | Comments (1) | Comment RSSRSS comment feed

Adding a Windows 2003 domain controller to your existing Windows 2000 domain

April 8, 2008 09:20 by SamMcGeown

I was adding a shiny new domain controller to my server farm earlier today, we have just two Windows 2000 SP4 domain controllers on old kit and they are due to retire. With the hardware selected, purchased and a fresh copy of Windows Server 2003 R2 installed, I set to installing Active Directory. DCPromo.exe fires up and I go through the configuration steps until...

"The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain. For more information about using the Adprep, see Active Directory Help.

The version of the Active Directory schema of the source forest is not compatible with the version of Active Directory on this computer."

A quick rootle around TechNet shows a simple solution on KB917385 - on your Schema Master (normally your first DC in the domain, unless you've changed it) pop in the second CD of your R2 install and run:

[CD]:\CMPNENTS\R2\ADPREP\Adprep.exe /forestprep

That's as far as the knowledgebase article takes you, which does resolve that specific error, but not the next one you're likely to encounter, especially if you've got more than one DC, and/or more than one domain. For each DC in your domain you will also need to run:

[CD]:\CMPNENTS\R2\ADPREP\Adprep.exe /domainprep /gpprep

Now back on your new R2 server you can fire up DCPromo.exe and install Active Directory as per normal. Daniel Petri has an excellent article on how to install and test your new domain controller that you can follow, I've installed countless domain controllers and I still refer back to that article.

Digg It!DZone It!StumbleUponTechnoratiRedditDel.icio.usNewsVineFurlBlinkList

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Tags: , , , , ,
Categories: Active Directory | Windows Server 2003 | Windows Server 2000
Actions: E-mail | Permalink | Comments (0) | Comment RSSRSS comment feed

Using NTDSUtil to transfer FSMO Roles by command line

March 20, 2008 13:02 by SamMcGeown

Originally posted Monday, January 7th, 2008

I’ve just removed a domain controller (DC) from my root domain, the very first server not only in the domain, but the forest. The roles were migrating to a newer server, far more up to the job, but it isn’t a job to be taken lightly. If you mess up the root domain, you’ve potentially got problems all the way down your domain hierarchy.

Let me explain; the primary domain controller in a domain (normally the first domain controller) hosts all the FSMO roles. It also is (by default) the only copy of the Global Catalog (GC). Potentially, even if you have other domain controllers in the forest, you could end up with a seriously crippled domain.

So, you want to transfer them safely off of your old domain controller (from now on DC1) to your new one (from now on DC2). You must ensure that the following are transfered:

  • Schema Master - The only server in the FOREST that can edit the Schema, all other DCs recieve a read-only copy
  • Domain Naming Master - The only server in the FOREST that can add/remove domains in the Directory.
  • Infrastructure Master - Updates an objects Security ID (SID) and Distinguished Name (DN). One per DOMAIN.
  • Relative ID (RID) Master - Processes RID pool requests to all DCs in the Domain. One per DOMAIN.
  • Primary Domain Controller (PDC) Emulator - Windows Time Server (amongst other things) for Kerboros, it’s authoritative for it’s domain. If it’s the root domain, it’s authoritative for the Enterprise.

This can potentially cause irreparable damage to your Active Directory, so I strongly advise you check that your domain is in good working order and has been fully backed up before you attempt to transfer any roles.

  1.  On any domain controller open a command prompt and run “ntdsutil” (Note: You need to be an ENTERPRISE admin to modify Schema, Domain Naming and Infrastructure masters and a DOMAIN admin for the rest)
  2. Type “roles” to enter FSMO Maintenance mode.
  3. Type “connections” to enter the server connections mode, and “server ” to select the server you are transferring roles to. E.G: “server DC2″.
  4. Type “q” to drop back into FSMO Maintenance mode.
  5. Type “transfer ” to transfer the role you want to transfer. You will get a pop up warning asking if you are sure, if you are, click “Yes”. can be:
    • domain naming master
    • infrastructure master
    • RID master
    • PDC
    • schema master
  6. I transferred the roles in that order, it shouldn’t make much difference which order that you do it. Once all the roles are transfered, type “q” again to drop out, and “q” again to quit NTDSUtil.
Digg It!DZone It!StumbleUponTechnoratiRedditDel.icio.usNewsVineFurlBlinkList

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Tags: , , , ,
Categories: Active Directory | Windows Server 2003
Actions: E-mail | Permalink | Comments (0) | Comment RSSRSS comment feed

Search

Tags

Categories


Blogroll

Disclaimer

  • The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

    © Copyright 2007-2008

 
Powered by BlogEngine.NET | Designed by Sam McGeown (based on Dirtylicious theme)