J
Jason
Hi,
I have a child W2K domain with 4 sites in native mode. Each sites has 2 DC
+GC. Our doamin maintains three external trust relationship with other NT4
domains ( say NT4domain A, B and C ). Actually , our child domain is
migrated from one of the NT4 domain ( domain A ) using ADMT. We still have
about 40% of users having a SID History.
Recently ,one of our sites's local system admin insist to upgrade their DC s
from W2K to W2K3 ( for some funny business reason). My concern is, after
they have upgrade their two DCs to W2k3 while we are still on W2K DC native
mode ( I suppose they could only maintain the same W2k native functional
level ) , will our trust with the NT4 domains be lost ? I heard from a
colleague that once the DCs upgraded to W2K3, immediately, due to SID
filtering , our domain will lost the trust relationship with these external
NT4 domains as they are , relatively , regarded as External forest.
My questions are:
1) It this true , that is , the trust relation will lost immediately ? (
because of the default SID filtering ? )
2)What if the trust is re-create again ? Will my users with SID history
still be able to access these NT4 Domains based on sidhistory the same as
they are before?
3) What can be done to prevent this lost of trust ( if true ) from happening
?
Please help me to answer these questions, highly appreciated !
Jason
I have a child W2K domain with 4 sites in native mode. Each sites has 2 DC
+GC. Our doamin maintains three external trust relationship with other NT4
domains ( say NT4domain A, B and C ). Actually , our child domain is
migrated from one of the NT4 domain ( domain A ) using ADMT. We still have
about 40% of users having a SID History.
Recently ,one of our sites's local system admin insist to upgrade their DC s
from W2K to W2K3 ( for some funny business reason). My concern is, after
they have upgrade their two DCs to W2k3 while we are still on W2K DC native
mode ( I suppose they could only maintain the same W2k native functional
level ) , will our trust with the NT4 domains be lost ? I heard from a
colleague that once the DCs upgraded to W2K3, immediately, due to SID
filtering , our domain will lost the trust relationship with these external
NT4 domains as they are , relatively , regarded as External forest.
My questions are:
1) It this true , that is , the trust relation will lost immediately ? (
because of the default SID filtering ? )
2)What if the trust is re-create again ? Will my users with SID history
still be able to access these NT4 Domains based on sidhistory the same as
they are before?
3) What can be done to prevent this lost of trust ( if true ) from happening
?
Please help me to answer these questions, highly appreciated !
Jason