6

I've been experimenting with IPv6 at our organization. The domain controllers (all 2003 R2) and most of the servers (2003 R2 / 2008 / 2008 R2) have IPv6 configured. We have a subnet assigned through a tunnel provider.

Currently, the only workstation that is running IPv6 is mine. (Windows 7) I have been noticing that my workstation is picking domain controllers in other sites for things like DFS, and I finally realized that I don't have the IPv6 subnets set up in Active Directory Sites and Services (ADSS). But when I try to add a IPv6 prefix in ADSS, it tells me:

Windows cannot create the object 2001:xxxx:xxxx:xxxx::/64 because:  
The object name has bad syntax.

I believe I may be using the 2008 version of the admin tools (ADSS reports version 6.1.7601.17514) so I'm wondering if maybe my 2003 R2 Active Directory schema doesn't support configuring IPv6 subnets in ADSS. Is this true?

UPDATE

Even with 2008 R2 schema in Active Directory, I'm having the same problem. How can I get my IPv6 subnets into Sites and Services?

NorbyTheGeek
  • 415
  • 1
  • 6
  • 22
  • Not sure about AD 2003, but AD 2008 R2 definitely supports ipv6 subnets in ADSS. See http://technet.microsoft.com/en-us/library/cc816870(WS.10).aspx – Greg Bray Apr 24 '12 at 00:54

2 Answers2

3

You'll need to upgrade the schema of your Active Directory in order to have support for IPv6 subnets. Running the adprep utility from Windows Server 2008 (or R2) will be sufficient to upgrade your schema to a version that supports the new IPv6 subnet objects.

Evan Anderson
  • 141,881
  • 20
  • 196
  • 331
  • This will work even if I'm not running any 2008 Domain Controllers? – NorbyTheGeek Oct 28 '11 at 22:24
  • 1
    @NorbyTheGeek Absolutely - it *must* be done prior to the addition of a 2008 DC, in fact. – Shane Madden Oct 28 '11 at 22:28
  • 1
    The behavior of your Windows 2003 Domain Controllers won't change if you upgrade the schema. Only newer OS's like Windows 7 and Windows Server 2008 will actually make use of the new classes and attributes. Obviously, you should have proper backups and test, as makes you feel comfortable, before making a major update like this. – Evan Anderson Oct 28 '11 at 22:32
  • It turns out I already had 2008 schema in my AD. I did upgrade to 2008 R2 schema, but I'm still having the same problem. Any other ideas on how to get this to work, or am I just stuck until I have at least one 2008 Domain controller? (or 2008 DNS server?) – NorbyTheGeek Nov 02 '11 at 16:47
3

It turns out that Windows 2003 Domain Controllers will not accept IPv6 subnets in Sites and Services. After adding a 2008 R2 domain controller, I was able to add IPv6 subnets. But I also found out that running IPv6 on Windows 2003 does not work out very well, especially with Exchange in the mix.

NorbyTheGeek
  • 415
  • 1
  • 6
  • 22