Link to home
Create AccountLog in
Avatar of ASME

asked on

Trust between Windows Domains 2000/2003 and Windows 2012-R2

Right now we are at AD Windows 2008-R2 Forest/Domain Functional Level for Corporate internal network
We have 1 Forest Transitive Trust between our Windows 2008-R2 and Windows 2003
and we have another External Non-Transitive Trust between our Windows 2008-R2 and Windows 2000
we are planning to upgrade our Windows 2008-R2 to Windows 2012-R2 and raise Forest/Domain Functional Level to Windows 2012-R2
My question is that will this upgrade work with these 2 Trusts or if there is any compatibility issue
Avatar of Cliff Galiher
Cliff Galiher
Flag of United States of America image

You will hit compatibility issues with those 2000 servers. Long out of support, MS neither tests nor provides updates to support connectivity. The ciphers are old enough that you'd have to significantly weaken your newer machines to get them to talk, and you'd be doing so in an unsupported configuration *if* you can get then to work at all.

Truthfully any 2000 server should be replaced. And in the rare instances they absolutely cannot be, they should exist in a vacuum. They should not be on an normal network. They should not see other machines. If they drive specialty equipment like a CNC, they don't need internet connectivity nor federated trusts.

And 2003 is nearly in the same boat. Published lifecycles matter.
Avatar of Toni Uranjek
Toni Uranjek
Flag of Slovenia image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account