Raise the funcitonal level of a domain
We have a domain with various servers from Windows Server 2000, 2003 & 2008 R2.
We have two domain controllers
Primary DC 2008 R2. Secondary DC 2003 R2.
The 2000 Servers are simply holding legacy applications and are not Domain Controllers.
Our functional level of the domain and forest is set to 2000 Native.
Are there any issues with raising the funcitonal level of the domain and forest to 2003?
We have two domain controllers
Primary DC 2008 R2. Secondary DC 2003 R2.
The 2000 Servers are simply holding legacy applications and are not Domain Controllers.
Our functional level of the domain and forest is set to 2000 Native.
Are there any issues with raising the funcitonal level of the domain and forest to 2003?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That would be the best option
ASKER
How long does the process take to raise?
I know not best practice but are there any issues doing this while users are on the system?
I know not best practice but are there any issues doing this while users are on the system?
WHen you click "OK", it's done :] Your DFL is changed, up-and-running
The same for FFL
Krzysztof
The same for FFL
Krzysztof
No, this action does not affect users workong in the system. That process is transparent.
Krzysztof
Krzysztof
ASKER
Just to confirm one last point.
I have now raised the Functional level of our domain to 2003. The forest is still set to 2000.
Will the trust now work?
Just to clarify is there any issue to me simply raising our FFL to 2003 also?
I have now raised the Functional level of our domain to 2003. The forest is still set to 2000.
Will the trust now work?
Just to clarify is there any issue to me simply raising our FFL to 2003 also?
Yes, trust will work. If your domain(s) in the forest have no 2000 DCs, you can freely raise also FFL to 2003. It's the best choice to get two-way transitive trust between these 2 forests.
That's new feature implemented in 2003 AD when you use FFL at 2003 level.
So, if you do not use 2000 DCs at all and do not plan to use them, raise FFL.
Before you will be able to establish trust, you need to configure DNS first. One of these options is required to get it working:
1) Define Conditional forwarders in your DNS management console for the domain from another forest
2) Create Stub zone in DNS for that zone
And of course make sure that you can reach that network from your environment :)
Krzysztof
That's new feature implemented in 2003 AD when you use FFL at 2003 level.
So, if you do not use 2000 DCs at all and do not plan to use them, raise FFL.
Before you will be able to establish trust, you need to configure DNS first. One of these options is required to get it working:
1) Define Conditional forwarders in your DNS management console for the domain from another forest
2) Create Stub zone in DNS for that zone
And of course make sure that you can reach that network from your environment :)
Krzysztof
ASKER
Their functional level is 2003 native thus we have to riase ours to enable the two way trust.