Trust between Windows Domains 2000/2003 and Windows 2012-R2

ASME used Ask the Experts™
Right now we are at AD Windows 2008-R2 Forest/Domain Functional Level for Corporate internal network
We have 1 Forest Transitive Trust between our Windows 2008-R2 and Windows 2003
and we have another External Non-Transitive Trust between our Windows 2008-R2 and Windows 2000
we are planning to upgrade our Windows 2008-R2 to Windows 2012-R2 and raise Forest/Domain Functional Level to Windows 2012-R2
My question is that will this upgrade work with these 2 Trusts or if there is any compatibility issue
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018

You will hit compatibility issues with those 2000 servers. Long out of support, MS neither tests nor provides updates to support connectivity. The ciphers are old enough that you'd have to significantly weaken your newer machines to get them to talk, and you'd be doing so in an unsupported configuration *if* you can get then to work at all.

Truthfully any 2000 server should be replaced. And in the rare instances they absolutely cannot be, they should exist in a vacuum. They should not be on an normal network. They should not see other machines. If they drive specialty equipment like a CNC, they don't need internet connectivity nor federated trusts.

And 2003 is nearly in the same boat. Published lifecycles matter.
Trusts will still work after upgrade.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial