General discussion

Locked

W2K Native Mode

By daniel ·
We are running W2K Server on three DCs within our network. There are no longer any NT DCs on the network, although we do run NT Server and workstation on some stand alone servers. We want to switch from Mixed mode to Native mode in W2K. I believe since we no longer have any NT DCs on the network we can do so, although I want to verify we will not run into any issues.

Any advice will be appreciated

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by ewgny In reply to W2K Native Mode

You can't have any NT BDC's
You can have NT member Servers in Native mode.
You're good to go

Collapse -

by daniel In reply to

Poster rated this answer.

Collapse -

by dmiles In reply to W2K Native Mode

Native Mode
As I mentioned earlier, native mode doesn?t support NT domain controllers; you can only have Win2K domain controllers. However, you can have NT workstations and member servers in native mode.

Major advantages of native mode include support for universal groups, nested groups, and transitive trust relationships. One of the biggest drawbacks of mixed mode is that AD?s scalability is limited to 40MB because the PDC emulator replicates changes to NT domain controllers that inherit limited scalability by design. By default, Win2K domain controllers establish an automatic two-way Kerberos trust relationship with all other domain controllers in a domain. Because NT domain controllers don?t understand Kerberos transitive trusts, you have to establish explicit (manual) one-way trusts between domains to authenticate users from other domains.

Win2K clients process group policies, and there?s a Group Policy option that lets you enable NT-style system policies for Win2K clients?but that?s an option I?d caution against. NT clients support only system policies and don?t understand group policies. Even in a Win2K network, NT clients can take advantage of NT system policies. However, you might run into problems if you have both the group and system policies enabled on your Win2K network. System policies will overwrite the Win2K group policies. One solution is to ensure that your group policies and system policies match, which might be easier said than done. By switching to native mode, you only have to deal with Win2K?s group policies.

You should now have a better picture of the issues you?ll face in native mode. Most organizations will want to switch to native mode sooner rather than later. If you?re not switching to native mode because you suspect that you?ll have to add NT BDCs to your domain, don?t worry. You can always add a new domain to your Win2K network, which installs in mixed mode by default. Then you can add NT BDCs to that domain.

Collapse -

by daniel In reply to

Poster rated this answer.

Collapse -

by daniel In reply to W2K Native Mode

This question was closed by the author

Back to Windows Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums