Solved

Bring an old windows 2000 AD domain from Mixed to Native mode

Posted on 2011-02-17
3
674 Views
Last Modified: 2012-05-11
Okay, I've got a windows 2000 mixed mode active directory domain including four DC's running server 2000 SP4 and one member server running exchange 2003 SP2  The domain is in Mixed mode because we had some DEC Alpha servers that were running pathworks.  The alpha's have been decommissioned, and are no longer in the domain.  We have between 75 and 100 pcs/laptops running a mix of XP and Win7.  We would like to move to Native mode and then upgrade our servers to server 2008.

My question has to do with converting from mixed to native mode.  In the Active Directory Domains and Trusts snap-in, there's a button to change mode.  What steps should I take (other than a full backup) prior to pushing the button?  Also, since this is a one-way door, what else should I look into before making this move?  Additionally, do I need to run the Change Mode script from each DC or just one?
0
Comment
Question by:dcmathis
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 34920480
You only change it once;  having backups is a good idea but other than that you don't need to do anything else.

Good job planning on moving away from Windows 2000 as that stopped being supported last summer.

Thanks

Mike
0
 

Author Comment

by:dcmathis
ID: 34920543
So with the domain as it sits now, all I have to do is click the Change Mode button and watch the magic happen?
0
 
LVL 11

Expert Comment

by:RickSheikh
ID: 34920556
As Mike said. However, only thing that could have prevented you from going to 2000 native mode had to be the DCs that were not running minimally W2K OS. Members servers do not matter.

http://support.microsoft.com/kb/322692

One a side note, all is not lost, you gain the following features by going to Windows 2000 native mode :)

# Universal groups for both distribution and security groups.

# Group nesting

# Group conversion, which allows conversion between security and distribution groups

# Security identifier (SID) history

http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels%28WS.10%29.aspx

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SCCM Active Directory Audit functions 2 26
Static IP Address Assignment 10 72
Time sync on Domain 5 36
DC with error SChannel ID 36888 3 37
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question