Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Risks associated with raising the 2003 Forest and Domain level to 2003

Posted on 2007-08-04
3
Medium Priority
?
873 Views
Last Modified: 2013-11-05
I want to create a one way trust between 2 domains that are in seperate forests.  Does the Domain functional level and the Forest functional level need to be Windows Server 2003 to achieve this ?

Each domain has 2003 Domain Controllers, no NT4 servers and no Windows 2000 domain controllers.  The file servers / web servers are either Server 2000 or Server 2003.  

The clients in each domain are Windows 2000 or XP.  
Are there any risks attached to this ?  
0
Comment
Question by:tickleonthetum
3 Comments
 
LVL 31

Accepted Solution

by:
Toni Uranjek earned 1000 total points
ID: 19630660
Hi!

External trust between two domains can be always created, no need to raise domain or forest functional levels.
If you do not have any NT4 or W2K DCs and you don't have any plans to add them to your network, you can safely raise domain and forest functional levels to benefit from improved replication and improved trust features.The only thing is that raising DFL or FFL is irreversible operation.

HTH

Toni
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 1000 total points
ID: 19631750
as Toni says you don't need a specific functional level to create trusts, however iI would always advise raiseing the domain and forest functional level to the highest that can support whatever versions of Windows you are using - so if all of your DCs are Win2003 then use Windows 2003 levels - that way you get the most from the OS that you have paid for.

Note that the limiations on which functional level you can use is depenant only on Domain Controllers, you can still raise the level to Windows 2003 even  if you have a Windows 2000 server - so long as it is not - and never will be, a Domain Controller.
0
 

Author Comment

by:tickleonthetum
ID: 19637551
thanks guys
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question