Yes. I was pretty sure you knew about Win2000 Server
mode but it is much easy to discuss the other modes and
FFL if you start with those changes and build it
incrementally.
Most people make the mistake of trying to understand this
stuff en masse.
It is greyed out in all Win2000 modes.
There are some limitations so before you depend on it
you need to investigate more deeply.
This is approximated by Forest level trusts. While
there is still no true "prune and graft" of domains or
Forests, the Forest level trust allows for a single
trust between the two forests to be transitive to all
domains within those forests (one-way or two-way
as an option.)
Although the documentation says that Forest trusts
are transitive, they are in fact only SEMI-transitive,
i.e., a single trust creates an effective trust between
all domains in two forests but if a third forest is
involved the transitivity does not propagate across
FORESTS -- to the next forest.
--
Herb Martin
> > > However, as I have only played with 2003
for a few months I
> > wasn't
> > > aware of the Windows 2003 server mode? What
is the advantage
> > of this?
> > > I have all Windows 2003 DC's now and was
running in native
> > mode before
> > > the upgrade.
> >
> > There were only two modes for Domains (and none
> > for Forests) in Win2000.
> >
> > Win2003 adds several; there are now 4 modes for
> > domains and 3 "functional levals" for forests --
many
> > people use the term "functional mode" for both
forests
> > and domains but I prefer to keep the distinct terms
for
> > clarity.
> >
> > Domain modes:
> > 1) Mixed mode -- the default (available in
Win2000)
> > 2) Native mode -requires all Win2000+ DCs,
i.e., no BDCs
> > (available in Win2000
> > 3) Interrim (new to Win2003) allows BDCs but no
Win2000
> > 4) Win2003 Server mode (Win2003 DCs ONLY)
> > (this has also been called Win2003
Native mode at
> > times)
> >
> > Forest functional levels:
> >
> > 1) Windows 2000 FFL (roughly equivalent to
Mixed
> > mode at the domain level)
> > 2) Win2003 Interrim FFL (mostly improves
replication
> > behavior since no Win2000 DCs are/can
be involved.
> > 3) Windows 2003 -- enables things like Forest
level trusts
> > and domain rename (since the entire forest
is now
> > Win2003
> > DC and will not be confused by such
changes.)
> > Also "Defunting" (yes, it's a verb) of
Schema object
> > additions
> >
> > There are various improvements but the simplest way
> > to understand the difference between Native and
Mixed
> > (available even in Win2000) is that anything that
would
> > confuse an NT-BDC is not allowed.
> >
> > Note that Native mode is pratically a DC issue and
has
> > NO direct effect on legacy clients. Some
improvements
> > include (not a full list): Group nesting and
Universal
> > groups, improved support for migrating users INTO
the
> > domain, dropping of the SAM (and any practically
limits
> > on domain size) by the PDC-emulator (which is STILL
> > needed), improvements to RRAS for users (Policy
grant
> > and deny of access, IP assignment etc.), most group
type
> > conversions,
> >
> > The main improvements for Win2003 Server DOMAIN
mode
> > are Domain controller rename, InetOrgPerson
password
> > (can be used in place of User account object), and
the
> > updating of the last logon time -- really though
for most
> > people, the real reason for Win2003 mode at the
domain
> > is that all domains must be here to reach Win2003
FFL
> > on the Forest.
> >
> >
> > <
> >
http://www.microsoft.com/resources/...v/2003/standard/proddocs/en-us/sag_levels.asp
> > >
> >
> > --
> > Herb Martin
> >
> >
> > "lforbes" <
[email protected]>
wrote in message
> > > > > Hi,
> > >
> > > > You cannot raise a Domain level to
"Win2003 Server
> > mode"
> > > > until ALL DCs in domain run
Win2003.
> > > >
> > > > You cannot raise the Forest level
to "Win2003
> > Forest Functional
> > > > Level" until ALL DOMAINS are at
"Win2003 Server
> > Mode",
> > > > and thus until all DCs in Forest
are running
> > Win2003.
> > > >
> > >
> > > I just returned from a year off on
Maternity leave. My
> > replacement
> > > upgraded both my domains from windows 2000
to windows 2003
> > in one day
> > > basically running the install off the CD.
Things went really
> > smootly
> > > and there were no issues. I felt no need to
do a completely
> > new
> > > install of 2003 because of how similar it
was to 2000
> > (unlike with
> > > NT).
> > >
> > > However, as I have only played with 2003
for a few months I
> > wasn't
> > > aware of the Windows 2003 server mode? What
is the advantage
> > of this?
> > > I have all Windows 2003 DC's now and was
running in native
> > mode before
> > > the upgrade.
> > >
> > > Cheers,
> > >
> > > Lara
> > >
> > > --
> > >
http://www.WindowsForumz.com/ This article
was posted by author's
request
> > > Articles individually checked for
conformance to usenet
> > standards
> > > Topic URL:
> >
http://www.WindowsForumz.com/Active...migrate-Win2000-Win2003-AD-ftopict242271.html
> > > Visit Topic URL to contact author (reg.
req'd). Report
> > abuse:
> >
http://www.WindowsForumz.com/eform.php?p=740977
