Appendix B: Upgrading from ADAM to AD LDS

Applies To: Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008

By upgrading to the Windows Server 2008 Active Directory Lightweight Directory Services (AD LDS) server role, formerly known as Active Directory Application Mode (ADAM), you can take advantage of several additional features that were not available in the previous versions of ADAM, including the following:

  • AD LDS auditing

  • The Data Mining Tool

  • Support for the Active Directory Sites and Services snap-in

  • A dynamic list of LDAP Data Interchange Format (LDIF) files that are available during setup of your AD LDS instance

  • Recursive, linked-attribute queries

For more information about AD LDS features, see Active Directory Lightweight Directory Services Overview (https://go.microsoft.com/fwlink/?LinkID=96084).

To start the process of upgrading from Windows Server 2003 ADAM to Windows Server 2008 AD LDS, insert the Windows Server 2008 operating system DVD into the Windows Server 2003–based computer that is running ADAM. Or, if the Windows Server 2008 media are shared over the network, run the Setup.exe command-line tool on the Windows Server 2003–based computer that is running ADAM.

Note

For more information, see Upgrading Active Directory Domains to Windows Server 2008 AD DS Domains (https://go.microsoft.com/fwlink/?LinkId=89032).

When the upgrade is complete, the Windows Server 2003 ADAM server role will be automatically converted into the Windows Server 2008 AD LDS server role, and all preexisting unique or replica ADAM instances (which, after the upgrade, become AD LDS instances) will remain intact. Replication between Windows Server 2003 ADAM (with Service Pack 1 (SP1) or Service Pack 2 (SP2)), Windows Server 2003 R2 ADAM instances, and Windows Server 2008 AD LDS instances is fully supported.

Important

If no instances (unique instances or replica instances) are created on your Windows Server 2003–based computer that is running ADAM, the upgrade process will not automatically convert the Windows Server 2003 ADAM server role into the Windows Server 2008 AD LDS server role. In other words, if the ADAM server role is installed on your Windows Server 2003–based computer but no ADAM instances are created, the AD LDS server role will not be installed after the upgrade to the Windows Server 2008 operating system on this computer is complete. If you intend to deploy AD LDS on this upgraded computer, add the AD LDS server role after the upgrade is complete. For more information about how to add the AD LDS server role, see Step 1: Install the AD LDS Server Role.

Extend the preexisting ADAM configuration directory partition

Extend your preexisting ADAM configuration directory partition to match the default configuration directory partition of the newly created AD LDS instance by importing the new ms-ADAM-Upgrade-1.ldf file into the unique and replica Windows Server 2003 ADAM instances after they have been successfully upgraded to Windows Server 2008 AD LDS. The new ms-ADAM-Upgrade-1.ldf file contains two additional access control rights: Unexpire-Password and Reload-SSL-Certificate.

After you upgrade your ADAM or AD LDS instance to Windows Server 2008 R2 or a later version, you should import a second extension, MS-ADAM-Upgrade-2.ldf, into the AD LDS schema. This extension adds schema attributes that support Active Directory Recycle Bin and improve replication capabilities.

Note

  • After you upgrade a preexisting ADAM configuration set to Windows Server 2008 R2 (or a later version) AD LDS, you do not have to import ms-ADAM-Upgrade-1.ldf or ms-ADAM-Upgrade-2.ldf into more than one replica instance.
  • In a multi-site AD LDS environment, if you upgrade the replica instance to Windows Server 2008 R2 or a later version without importing the ms-ADAM-Upgrade-2.ldf, Windows logs Warning Event ID 1435 per existing site in the LDS Event log:
       Log Name:      ADAM (LDS)
       Source:        ADAM [instance_name] KCC
    
       Event ID:       1435
       Task Category: Knowledge Consistency Checker
       Level:         Warning
       Keywords:      Classic
       User:          ANONYMOUS LOGON
       Description:
       The Knowledge Consistency Checker (KCC) encountered an unexpected error while performing an Active Directory Lightweight Directory Services operation.
        
       Operation type:
       KccSearch
       Object distinguished name:
       CN=Site1,CN=Sites,CN=Configuration,CN={1B6DFCCD-196A-449D-A8D1-A479926AB2C8}
        
       The operation will be retried at the next KCC interval.
    
       Additional Data
       Error value:
       5 000020DB: SvcErr: DSID-031205BF, problem 5012 (DIR_ERROR), data 0
        
       Internal ID:
       F0802ca
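
A check for the warning quoted above, as an added example that is not part of the original Microsoft page: it lists the sites for which the KCC logged Event ID 1435 with operation type KccSearch. The log name `ADAM (LDS)` is taken from the sample event and is an assumption for your environment; substitute the log of your own instance.

```powershell
# Added example, not Microsoft's own code.
# Assumption: the instance log is named as in the sample event on this page.
$LogName = 'ADAM (LDS)'

# Get-WinEvent reports an error when nothing matches the filter, so that
# case is silenced and treated as "no warnings found".
$events = @(Get-WinEvent -FilterHashtable @{ LogName = $LogName; Id = 1435 } `
                -ErrorAction SilentlyContinue |
            Where-Object { $_.Message -match 'KccSearch' })

# Site DN as it appears in the event description, for example
# CN=Site1,CN=Sites,CN=Configuration,CN={GUID of the configuration set}
$sitePattern = 'CN=[^,\r\n]+,CN=Sites,CN=Configuration,CN=\{[0-9A-Fa-f-]+\}'

$bySite = $events | ForEach-Object {
    if ($_.Message -match $sitePattern) {
        [pscustomobject]@{ Site = $Matches[0]; TimeCreated = $_.TimeCreated }
    }
} | Group-Object -Property Site

if (-not $bySite) {
    "No KccSearch warnings with Event ID 1435 found in '$LogName'."
} else {
    # One row per site: how often the warning was logged and when it last occurred.
    $bySite | Select-Object @{ n = 'Site';     e = { $_.Name } },
                            Count,
                            @{ n = 'LastSeen'; e = { ($_.Group.TimeCreated |
                                                      Measure-Object -Maximum).Maximum } }
    Write-Warning 'Event ID 1435 is present: check whether MS-ADAM-Upgrade-2.LDF has been imported.'
}
```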
    

You can import the MS-ADAM-Upgrade-1.LDF file by using the Ldifde.exe command-line tool.

Membership in the Administrators group of the AD LDS instance is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To import ms-ADAM-Upgrade-1.ldf by using the Ldifde.exe command-line tool

  1. Open a command prompt, and then change the directory to %windir%\ADAM.

  2. At the command prompt, type the following command, and then press ENTER:

     ldifde -i -f ms-ADAM-Upgrade-1.ldf -s server:portnumber -b username domain password -k -j . -c "CN=Configuration,DC=X" #configurationNamingContext

Parameters and their descriptions:

  • -i
    Performs an import.

  • -f
    Specifies the file to import.

  • ms-ADAM-Upgrade-1.ldf
    The name of the file to import.

  • -s server:portnumber
    Specifies the host name and port of the AD LDS instance.

  • -b username domain password
    Specifies the user name, the domain name, and the password of the account to be used to bind to the AD LDS instance.

  • -k
    Specifies that the import continues and ignores "Constraint Violation" and "Object Already Exists" errors.

  • -j
    Specifies the log file location.

  • -c "CN=Configuration,DC=X" #configurationNamingContext
    Specifies that the file is being imported into the AD LDS configuration directory partition.
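
Because -k lets the import continue past "Constraint Violation" and "Object Already Exists" errors, a completed run does not by itself show that both rights exist. The following added example (not part of the original Microsoft page) confirms that Unexpire-Password and Reload-SSL-Certificate are present after the import; the endpoint `localhost:389` and the lookup under `CN=Extended-Rights` of the configuration partition are assumptions.

```powershell
# Added example, not Microsoft's own procedure.
# Assumption: host:port of the upgraded AD LDS instance.
$Server   = 'localhost:389'
# The two control access rights this page says ms-ADAM-Upgrade-1.ldf adds.
$Expected = 'Unexpire-Password', 'Reload-SSL-Certificate'

# Read the actual configuration partition DN from RootDSE, binding with the
# credentials of the current user.
$rootDse  = [ADSI]"LDAP://$Server/RootDSE"
$configNc = [string]$rootDse.Properties['configurationNamingContext'].Value
if (-not $configNc) { throw "Could not read configurationNamingContext from $Server" }

# Assumption: control access rights are stored under CN=Extended-Rights
# in the configuration partition.
$base     = [ADSI]"LDAP://$Server/CN=Extended-Rights,$configNc"
$searcher = New-Object System.DirectoryServices.DirectorySearcher($base)
$searcher.SearchScope = 'OneLevel'
$searcher.Filter = '(&(objectClass=controlAccessRight)(|' +
    (($Expected | ForEach-Object { "(cn=$_)" }) -join '') + '))'
[void]$searcher.PropertiesToLoad.AddRange([string[]]('cn', 'rightsGuid'))

# Map each right that was found to its rightsGuid value.
$found = @{}
foreach ($result in $searcher.FindAll()) {
    $found[[string]$result.Properties['cn'][0]] = [string]$result.Properties['rightsguid'][0]
}

foreach ($name in $found.Keys) {
    "present: $name (rightsGuid $($found[$name]))"
}

$missing = @($Expected | Where-Object { -not $found.ContainsKey($_) })
if ($missing.Count -gt 0) {
    Write-Warning ('Missing after import: ' + ($missing -join ', ') +
                   '. Review the log files ldifde wrote to the -j location.')
}
```

Run it as an account that can read the configuration partition of the instance; either name in the warning means the import into that configuration set needs another look.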

To import ms-ADAM-Upgrade-2.ldf by using the Ldifde.exe command-line tool

  1. Open an elevated command prompt.
  2. Type the following command, and then press ENTER.
     ldifde.exe -i -f c:\windows\adam\MS-ADAM-Upgrade-2.LDF -s server:portnumber -j . -$ c:\windows\adam\adamschema.cat