Solved

Will my AD Trust be affected by raising the forest level?

Posted on 2014-11-17
2
1,140 Views
Last Modified: 2014-11-18
We have two different forests.

Forest 1 = domainA.local
Forest 2 = domainB.com

These are two separate forests but there is a trust between the two of them in order to allow access to certain systems and services on the domainB.com network.  There is also a Site to Site VPN between the two locations.  You can see the entire directory in the attached image.

domainB.com has all domain controllers with 2008 R2.  domainA.local has 2003 Domain Controllers.  The forest level of domainB.com has been left at 2003 due to not knowing if raising the forest level will affect the trust in any way.  

Is it safe to say I can raise the function level of the domainB.com trust to 2008 R2 without affecting the domainA.local domain.  I would like to take advantage of other features in a 2008 R2 domain level.  

Any assistance is appreciated.
Forest.jpg
0
Comment
Question by:Shawn Cøady
2 Comments
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40449138
I don't see any problems in raising functional level to 2008 R2
This is totally for internal AD configuration purpose and it decide which version of DC (2003 \ 2008 \ 2008 R2) can be placed in domain or forest. Also it will add new functionalities with AD.
It has nothing to do with trust. Trust will work as it is.
U already have 2003 functional levels.
https://social.technet.microsoft.com/Forums/windowsserver/en-US/9d127cd7-9d0a-4bbb-9586-014f46d004c6/risks-of-raising-domainforest-functional-level-from-2003-mixed-to-2008-native?forum=winserverDS

Only if you have any legacy application servers which are also integrated with active directory, just ensure that they are working with 2008 R2 active directory.
If they are working, raising functional levels will not make any difference
U might want to go through below links to understand other impacts if any

Check below link for possible impact
http://blogs.technet.com/b/askpfeplat/archive/2012/04/09/a-few-things-you-should-know-about-raising-the-dfl-and-or-ffl-to-windows-server-2008-r2.aspx
http://blogs.technet.com/b/askds/archive/2011/06/14/what-is-the-impact-of-upgrading-the-domain-or-forest-functional-level.aspx
0
 
LVL 3

Author Closing Comment

by:Shawn Cøady
ID: 40450123
Thanks for the insight and documentation.  I didn't think it would matter but thought I would confirm by ideas first.  I will still give your articles a read to see if there is any additional info I might want.  Again much appreciated.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question