Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Group Policy Extentions mixed Servers

Posted on 2011-03-14
2
Medium Priority
?
506 Views
Last Modified: 2012-05-11
We currentky have a domain that has Windows 2003 and Windows 2000 DC. We are looking to start to use GPP on our network and would like some advice on the best way forward with this.
We have installed a Server 2008 Member server and have added the GP tools to this but when we try to connect to the DC is generates and error. Is this becuase that we still have Windows 2000 DC on the network? Do we need to upgrade these to at least 2003?

We are looking to utilise a few 2008 servers that we have as DC's in the near future and realise the process involved in adding these to the network. We would just like to start using GPP before we go with 2008 DC's

Any issues to be aware with on both topics?

Any info greatly appeciated?
0
Comment
Question by:Mitch P
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 9

Accepted Solution

by:
Chev_PCN earned 500 total points
ID: 35126705
The 2008 server is only a member server, which means that, you would have to run the 2008 Forestprep / domainprep to update the schema, which should then propagate to all the DC's.
Until you do that, you can't use any of the 2008 DC features.
It's not a good idea to have Win2000 DC's from a security or stability standpoint, but MS do support interoperability as long as the Win2000 boxes are running SP4. I would recommend replacing your Win2000 boxes ASAP. Also upgrade your domain functional level to 2003 native.

If you want to roll out Group Policy before you do this, then you can only do it from a 2003 DC, or from a PC running the 2003 Server Support Kit.
0
 
LVL 2

Assisted Solution

by:temores
temores earned 500 total points
ID: 35135096
From July 2010, Windows 2000 EVEN with SP4 is not supported, only through a custom suport agreement.

Group Policy Preferences is a feature of the Group Policy Management Console (GPMC) v2 that is shipped with windows vista and some of them can be applied to Windows XP an 2003 domain members as well as long as they have the GP extensions installed on them.

Windows 7, Windows 2008 and 2008 R2 have this extensions installed by default.

What you need to do is to is to use a GPMCv2 console to administer your GPOs and also apply the following hotfixes to you windows 2003, XP and vista machines.

you can follow the steps detailed here:

http://blogs.technet.com/b/grouppolicy/archive/2009/03/27/group-policy-preferences-not-applying-on-some-clients-client-side-extension-xmllite.aspx

and here

http://heidelbergit.blogspot.com/2008/03/how-to-install-gpp-cses-using-startup.html.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question