alocke2940
asked on
Domain functional levels...
Right now I am running a Windows 2003 network in "Windows Server 2003 interim mode". I have have 2 w2003 DC, 2 NT4 DC and no w2k DC. I have about 100 clients. I want to switch to "WIndows Server 2003" domain functional level. I know that NT 4 DC are not supported in this senerio. I need to keep the NT 4 DC up until I can move the apps that reside on them over to different servers. I don't care if the NT 4 DC aren't able to authenticate users or perform and DC functions in the new domain functonal level. I was just wondering if there are adverse effects in keeping 2 NT 4 DC in this new domain functional level. The 2 W2003 DC servers should easily handle all the DC roles in my network. Must I purge all the NT 4 DC before continuing?
Also, if you require authentication to access shares and applications, they will fail too.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
You can depromote and NT 4 server from a DC to member server? How do you do that?
Well, with the Upromote tool from the link?
We've just run this successfully on a couple of NT4 BDCs in a W2k3 domain that were still serving as print servers and had no problems. Whether it works for you depends on your setup. (And the air humidity, your stepsister's horoscope, and whatever else influences computers ...)
Major caveat: When/if you depromote a DC that way, it will be removed from the domain first and become a stand-alone server. During this, the NTFS permissions at least on the system drive will have to be reset as well, due to the SID changing; so if you've developed some elaborate permission construction on your system drive, you might have to reconstruct it. You can leave the permissions on the other drive(s) if you plan to rejoin the domain.
We've just run this successfully on a couple of NT4 BDCs in a W2k3 domain that were still serving as print servers and had no problems. Whether it works for you depends on your setup. (And the air humidity, your stepsister's horoscope, and whatever else influences computers ...)
Major caveat: When/if you depromote a DC that way, it will be removed from the domain first and become a stand-alone server. During this, the NTFS permissions at least on the system drive will have to be reset as well, due to the SID changing; so if you've developed some elaborate permission construction on your system drive, you might have to reconstruct it. You can leave the permissions on the other drive(s) if you plan to rejoin the domain.
If you raise the Domain functional level then the NT4 DCs will nolonger be able to replicate the AD database and will not receive updates - IE they will effectively cease to be DCs.
Yes, you should purge NT4 DCs before upgrading
Cheers
JamesDS