Avatar of ASME
 asked on

Trust between Windows Domains 2000/2003 and Windows 2012-R2

Right now we are at AD Windows 2008-R2 Forest/Domain Functional Level for Corporate internal network
We have 1 Forest Transitive Trust between our Windows 2008-R2 and Windows 2003
and we have another External Non-Transitive Trust between our Windows 2008-R2 and Windows 2000
we are planning to upgrade our Windows 2008-R2 to Windows 2012-R2 and raise Forest/Domain Functional Level to Windows 2012-R2
My question is that will this upgrade work with these 2 Trusts or if there is any compatibility issue
Windows Server 2012Windows Server 2008Windows 2000Windows Server 2003

Avatar of undefined
Last Comment
Toni Uranjek

8/22/2022 - Mon
Cliff Galiher

You will hit compatibility issues with those 2000 servers. Long out of support, MS neither tests nor provides updates to support connectivity. The ciphers are old enough that you'd have to significantly weaken your newer machines to get them to talk, and you'd be doing so in an unsupported configuration *if* you can get then to work at all.

Truthfully any 2000 server should be replaced. And in the rare instances they absolutely cannot be, they should exist in a vacuum. They should not be on an normal network. They should not see other machines. If they drive specialty equipment like a CNC, they don't need internet connectivity nor federated trusts.

And 2003 is nearly in the same boat. Published lifecycles matter.
Toni Uranjek

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.