[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Bring an old windows 2000 AD domain from Mixed to Native mode

Posted on 2011-02-17
3
Medium Priority
?
680 Views
Last Modified: 2012-05-11
Okay, I've got a windows 2000 mixed mode active directory domain including four DC's running server 2000 SP4 and one member server running exchange 2003 SP2  The domain is in Mixed mode because we had some DEC Alpha servers that were running pathworks.  The alpha's have been decommissioned, and are no longer in the domain.  We have between 75 and 100 pcs/laptops running a mix of XP and Win7.  We would like to move to Native mode and then upgrade our servers to server 2008.

My question has to do with converting from mixed to native mode.  In the Active Directory Domains and Trusts snap-in, there's a button to change mode.  What steps should I take (other than a full backup) prior to pushing the button?  Also, since this is a one-way door, what else should I look into before making this move?  Additionally, do I need to run the Change Mode script from each DC or just one?
0
Comment
Question by:dcmathis
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 34920480
You only change it once;  having backups is a good idea but other than that you don't need to do anything else.

Good job planning on moving away from Windows 2000 as that stopped being supported last summer.

Thanks

Mike
0
 

Author Comment

by:dcmathis
ID: 34920543
So with the domain as it sits now, all I have to do is click the Change Mode button and watch the magic happen?
0
 
LVL 11

Expert Comment

by:RickSheikh
ID: 34920556
As Mike said. However, only thing that could have prevented you from going to 2000 native mode had to be the DCs that were not running minimally W2K OS. Members servers do not matter.

http://support.microsoft.com/kb/322692

One a side note, all is not lost, you gain the following features by going to Windows 2000 native mode :)

# Universal groups for both distribution and security groups.

# Group nesting

# Group conversion, which allows conversion between security and distribution groups

# Security identifier (SID) history

http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels%28WS.10%29.aspx

0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question