Announcement

Collapse
No announcement yet.

Adding a Server 2008 R2 DC to a 2003 Domain with Trust to NT Domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adding a Server 2008 R2 DC to a 2003 Domain with Trust to NT Domain

    Hello,

    I was wondering if anyone had any experance of this.

    Currently our MYDOMIAIN.COM Domain (and Forest) is a Windows 2003 Function Level.

    We have the following trusts in Place;
    with UK Domain (Domain Function Level Windows 2003, Forrest Function Level Windows 2003)

    with CORP Domain (Domain Function Level Windows 2003, Forrest Function Level Windows 2000)

    with ad Domain (Domain Function Level Windows 2003, Forrest Function Level Windows 2003)

    with NT Domain (Windows NT 4)

    We would like to install a Windows Server 2008 R2 Domain controller in MYDOMAIN.COM domain to allow us to use Server 2008 R2 Terminal service CALs in conjunction with Citrix XenApp 6. To install this Domain Controller there are certain steps that we must take on the domain before we can proceed that involve us making changes to the Forrest and Domain by running the adprep.exe tool.

    My question is will adding a Server 2008 R2 Domain Controller affect any of the existing trusts that we have inplace?

    I have done a bit of googleing and there are issues with a 2008 Domain and NT4 however not come across any one mentioning what we are trying to do yet.

    Many thanks,

  • #2
    Re: Adding a Server 2008 R2 DC to a 2003 Domain with Trust to NT Domain

    If you're only extending the schema, and not actually updating either the forest or trust functional levels, then you should be ok.


    however, hopefully someone else can come and either back me up or shoot me down, because updating the schema is not something you can roll back if it DOES break your NT domain
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Adding a Server 2008 R2 DC to a 2003 Domain with Trust to NT Domain

      Hello tehcamel,

      That is my train of though also. However I am going to be in a world of Hurt if I make the changes and it breaks the trust with the NT domain.

      I have also logged a call with Microsoft Support to see what they think.

      Will post the reply when I get one.

      Comment


      • #4
        Re: Adding a Server 2008 R2 DC to a 2003 Domain with Trust to NT Domain

        The process of adding the 2008 DC to the domain could cause an issue as I believe the process of adding the DC will change the default Group Policies. The key change is with the NTLM level of authentication that wouldn't be supported by legacy clients such as NT4. It depends on how the trust authenticates to the other Forest with regards to what it can effect.

        I would certianly backup the Default Domain Controllers and Default Domain Policy prior to any changes on the domain in addition to the usual system state backup. If you can, test the scenario in a suitable, representative test environment isolated from the production one.

        Comment

        Working...
        X