Troubleshooting AD Extension. The dreaded Error 8206

I’m a SQL/Apps dude, not an Infrastructure guy.

My weakness is I love technology so much I dabble in things that I should definitely leave to more expert specialists: windows, active directory, Group Policy, Exchange, ISA Server, networking, patch management, server hardening, Hyper-V, playing with toys, SC*, UC, MOSS, config management.

Recently I’m playing with System Centre Configuration Manager. I just like the idea of more automated deployments, inventory control, patching, config management, etc. Even on our humble setup here.

While doing the usual install of an MS server product the AD schema needs to be extended. Of course I get the cryptic “Error Code 8206”.

As a tip to troubleshoot extending AD, just running the “dcdiag".exe” tool before any schema upgrade has been invaluable. This helps tell the health of the AD and can find what was blocking the Schema extension.

In my case I had a secondary domain controller which was being replicated to, but had been turned off. Fixed it up and the schema extension worked perfectly ;-)

It would be really cool if products that extended the AD Schema put in the error message for AD schema extension “GO and run dcdiag.exe NOW” – this would cut down on a lot of hair pulling and mad searching online for solutions.

Hopefully next time I’ll remember to run dcdiag.exe before starting the install….