SOLVED

Problem with adprep before in place upgrade of domain controller


I am trying to test an in place upgrade of a Server 2016 domain controller in my lab but I first need to update the AD schema. When I try to run adprep /forestprep from any of the last 3 builds I am getting a failed to verify file signature error on the sch88.ldf file. This is a clean Server 2016 install that only has ADDS and DNS server roles installed.

Anyone else having the same problem?

best response confirmed by John Cogan (Copper Contributor)
Solution

I was able to solve this by adding the root certificate to trusted root authorities. Right click schupgrade.cat (in the support\adprep folder) and click properties then go to the Digital Signatures tab. Click on the only signature listed and hit Details. Then hit View Certificate. Go to the Certification Path tab and hit the top certificate, it should have a red x on it and the status should say something about it not being trusted. Then View Certificate on this top cert, and click Install Certificate. Install to Local Machine, and specify to install into the Trusted Root Certificate Authorities store.

 

After that the cert should be trusted and adprep should work. If you close all the properties windows and reopen the red x should be gone and the signature valid.
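The same procedure in PowerShell, as an added example that is not part of the original post: it shows which element of the schupgrade.cat signing chain is untrusted and imports the top certificate only if its thumbprint matches a value you obtained independently. `$AdprepDir`, `$ExpectedRootThumbprint` (a placeholder to fill in from a machine that already trusts the root) and the `NoCheck` revocation setting for an isolated lab are assumptions.

```powershell
# Added example; run elevated. Placeholder values are assumptions, not from the thread.
$AdprepDir              = 'D:\support\adprep'
$ExpectedRootThumbprint = '<ROOT-THUMBPRINT-FROM-A-TRUSTED-MACHINE>'
$cat = Join-Path $AdprepDir 'schupgrade.cat'

# 1. What does Windows currently report for the catalog signature?
$sig = Get-AuthenticodeSignature -FilePath $cat
'{0}: {1}' -f $sig.Status, $sig.StatusMessage
if (-not $sig.SignerCertificate) { throw "No signer certificate found in $cat" }

# 2. Rebuild the chain, offering the certificates embedded in the catalog
#    so the root can be located even when it is in no local store.
$embedded = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
$embedded.Import($cat)
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = 'NoCheck'   # assumption: lab DC without CRL access
$chain.ChainPolicy.ExtraStore.AddRange($embedded)
$trusted = $chain.Build($sig.SignerCertificate)

$chain.ChainElements | ForEach-Object {
    [pscustomobject]@{
        Subject    = $_.Certificate.Subject
        Thumbprint = $_.Certificate.Thumbprint
        Status     = ($_.ChainElementStatus.Status -join ', ')
    }
} | Format-List

# 3. The last element is the top of the certification path (the one shown with the red x).
$root = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
if ($trusted) { 'Chain is already trusted; nothing to import.'; return }
if ($root.Subject -ne $root.Issuer) { throw 'Top of chain is not self-signed; root not found.' }
if ($root.Thumbprint -ne $ExpectedRootThumbprint) {
    throw "Root thumbprint $($root.Thumbprint) does not match the expected value; not importing."
}

# 4. Install to Local Machine > Trusted Root Certification Authorities.
$tmp = Join-Path $env:TEMP 'adprep-root.cer'
Export-Certificate -Cert $root -FilePath $tmp | Out-Null
Import-Certificate -FilePath $tmp -CertStoreLocation Cert:\LocalMachine\Root

# 5. Re-check the catalog signature after the import.
(Get-AuthenticodeSignature -FilePath $cat).Status
```

Comparing the thumbprint first matters because a certificate taken from the file being verified proves nothing about that file until the certificate itself is confirmed from another source.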

Thanks Dillon, that worked exactly as you described.

Same issue with adprep /forestprep while preparing for in-place upgrade from 2012 R2 Standard. Went the certificate trusted route... says import was successful... but red "x" remains, even after a restart.

Awesome! Thanks Dillon! Well done!

When you are importing the certificate, you will see there is more than one in the hierarchy. Make sure you import the top (root) one since it is required for the cert chain dependencies.

Thanks John! I had tried several times, but was likely missing the same step each time. This time I had your earlier post open in a window next to my Explorer window as I proceeded. Voila!

 

Lesson learned: If another "insider" has taken the time to document the required steps, I should pay MUCH more attention to the details.

Again, thanks so much for helping out a newbie (but old person) :)

Hello, I am in a similar type of situation. I am trying to upgrade the schema version from 87 to 88 and then I will be upgrading the servers from 2016 to 2022.
Here is the adprep command I ran:
PS D:\support\adprep> .\adprep.exe /forestprep

ADPREP WARNING:

Before running adprep, all Windows Active Directory Domain Controllers in the forest must run Windows Server 2003 or later.

You are about to upgrade the schema for the Active Directory forest named 'amii.ca', using the Active Directory domain controller (schema master) 'AVMVPRDMFTADS01.amii.ca'.
This operation cannot be reversed after it completes.

[User Action]
If all domain controllers in the forest run Windows Server 2003 or later and you want to upgrade the schema, confirm by typing 'C' and then press ENTER to continue. Otherwise, type any other key and press ENTER to quit.


C

Current Schema Version is 87


Upgrading schema to version 88


Verifying file signature
Connecting to "AVMVPRDMFTADS01.amii.ca"
Logging in as current user using SSPI
Importing directory from file "D:\support\adprep\sch88.ldf"
Loading entries...
Add error on entry starting on line 26: Insufficient Rights
The server side error is: 0x2098 Insufficient access rights to perform the operation.
The extended server error is:
00002098: SecErr: DSID-031514A0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

2 entries modified successfully.
An error has occurred in the program
ERROR: Import from file D:\support\adprep\sch88.ldf failed. Error file is saved in C:\Windows\debug\adprep\logs\20240416200415\ldif.err.88.

If the error is "Insufficient Rights" (Ldap error code 50), please make sure the specified user has rights to read/write objects in the schema and configuration containers, or log off and log in as an user with these rights and rerun forestprep. In most cases, being a member of both Schema Admins and Enterprise Admins is sufficient to run forestprep.


Adprep was unable to upgrade the schema on the schema master.
[Status/Consequence]
The schema will not be restored to its original state.
[User Action]
Check the Ldif.err log file in the C:\Windows\debug\adprep\logs\20240416200415 directory for detailed information.


Adprep was unable to update forest information.
[Status/Consequence]
Adprep requires access to existing forest-wide information from the schema master in order to complete this operation.
[User Action]
Check the log file, ADPrep.log, in the C:\Windows\debug\adprep\logs\20240416200415 directory for more information.
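The adprep output above names membership of both Schema Admins and Enterprise Admins as the usual requirement. An added example, not part of the thread, that checks the current logon token for both groups and reports the schema version and schema master before forestprep is rerun; it assumes the ActiveDirectory PowerShell module is installed, and the variable names are illustrative.

```powershell
# Added example: pre-flight check before rerunning adprep /forestprep.
Import-Module ActiveDirectory

$forest    = Get-ADForest
$rootSid   = (Get-ADDomain -Identity $forest.RootDomain).DomainSID.Value
$schemaNC  = (Get-ADRootDSE).schemaNamingContext
$schemaVer = (Get-ADObject -Identity $schemaNC -Properties objectVersion).objectVersion

# Well-known RIDs in the forest root domain:
#   518 = Schema Admins, 519 = Enterprise Admins
$required = [ordered]@{
    'Schema Admins'     = "$rootSid-518"
    'Enterprise Admins' = "$rootSid-519"
}

# Look at the logon token, not the directory: a group added after logon is
# not in the token until the user logs off and on again, and a non-elevated
# (UAC-filtered) session does not carry these groups as enabled.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$tokenSids = $identity.Groups.Value
$elevated  = (New-Object Security.Principal.WindowsPrincipal $identity).IsInRole(
                 [Security.Principal.WindowsBuiltInRole]::Administrator)

$report = foreach ($g in $required.GetEnumerator()) {
    [pscustomobject]@{
        Group   = $g.Key
        Sid     = $g.Value
        InToken = $tokenSids -contains $g.Value
    }
}
$report | Format-Table -AutoSize

[pscustomobject]@{
    User          = $identity.Name
    Elevated      = $elevated
    SchemaMaster  = $forest.SchemaMaster
    SchemaVersion = $schemaVer
} | Format-List

if (-not $elevated -or ($report.InToken -contains $false)) {
    Write-Warning 'Token lacks a required group or is not elevated; forestprep is likely to fail with Insufficient Rights.'
}
```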