After Upgrade From NT to Win2K3 AD Domain -- What Next

B

Brian Kerr

We recently (finally) upgraded our domain from NT 4.0 to Win2K3.

Previously, we had one NT PDC and 2 BDCs.

I did an in-place upgrade of our PDC. It is now running Win2K3.

I still have the old BDCs in place. I can't tell if they are doing anything
as far as authentication, or if they are just sitting there doing nothing.
Do these old NT BDCs have a function in the new domain, or should I just
shut them down? Would they offer any temporary authentication in case
something happens to my new win2k server?

Eventually, I hope to build a second win2k server and install AD on it as a
backup domain controller, but I'd like to do a little more reading before I
do this.

Thanks

brian
 
C

Chris Malone

If you are in Interim mode, they can still authenticate users. Here is
an excerpt:

Windows Server 2003 Active Directory allows a special forest and domain
functional level called Windows Server2003 interim. This functional
level is provided for upgrades of existing Windows NT 4.0 domains where
one or more Windows NT 4.0 backup domain controllers (BDCs) will need
to function after the upgrade. Windows 2000 domain controllers are not
supported. Windows Server 2003 interim applies to the following
scenarios.
- Domain upgrades from Windows NT 4.0 directly to Windows Server 2003.
- Windows NT 4.0 BDCs will not be upgraded immediately.
- Windows NT 4.0 domains that contain groups larger than 5,000 members
(excluding the domain users group).
- There are no plans to implement Windows 2000 domain controllers in
the forest at any time.
Windows Server 2003 interim provides two important enhancements while
still allowing replication to Windows NT 4.0 BDCs:
- Efficient group replication (support for more than 5,000 members per
group); and,
- Improved KCC (inter-site topology generator algorithms)


chris
..
 
G

Guest

Brian

Don't change the funtional mode. the BDC's will still authenticate clients,
and will still syncronise with your windows 2003 domain controller. make sure
you have two Dc in place and float the FSMO roles on them before you
decommission your old BDC's. Also check if they are running any other
services i.e WISN DHCP, file and print. make sure you migrated these services
off before the decommission.

Regards
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Promote to AD in an NT server domain 4
PSE Help -> Migration NT 4 domain -> Win2003 1
upgrade PDC to win2k member server 3
Domian is unavailable when PDC is down 1
Migrating NT 4 Accounts to Win2k Server 3
NT4 SP5 workstation with windows 2003 DC and NT4 BDC 7
Migration Approach in NT4 to Win2K3 AD 1
can you reverse a Windows 2003 Server Domain Functional level 1

Top