Possibly incorrect.
If some of those legacy applications use the NT4 API you may have some issues. For instance in my enviornment I have a "legacy application" Crystal Enterprise - it is using an NT4 API for determining group membership for security. As you know there is a large change in groups from NT4 to Win2k/AD. So native mode and nested groups would be an obvious No - No. You should examine your applications and try to determine how they might be affected. This situation could be one way.
In general though, most environments should have no problem moving to native mode.
 | Jim Katoe
Mindshare Directory Services Manager MCSE,MCSA,PCLP,CCNA,CCDA,CNA Worldwide IT Infrastructure Team 825 8th Avenue, NY, NY 10019 |
email: [EMAIL PROTECTED] Office: 646.756.4587 Fax: 646.756.5951 |
| "Don Murawski (Lenox)"
<[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 01/16/2003 11:29 AM
|
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> cc: Subject: RE: [ActiveDir] Authentication ? |
Let me clear up my question!
I have NO 4.0 BDCs, All Win2k DC's, but have a lot of legacy clients and applications.
Switching to native mode, I'm assuming should have NOT impact on these applications or systems.
-----Original Message-----
From: Craig Cerino [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 11:14 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Authentication ?
Unless I am reading his email wrong - - -
He is considering going to NATIVE mode which means one of two things:
1. He already HAS Win2K Srv and a few 2k servers on the wire
2. He is planning to purchase WIN2K Srv
In EITHER case (which is just assumed since he is considering migrating) he would still have to RUN DCPROMO to upgrade the PDC and BDCs or make them member servers or remove them from the domain.
Don - we haven't heard form you since you opened the thread - - please let us know what is the case so we can stop bickering and help you.
Guys - -I am not trying to argue - - unfortunately vocal inflection and tone just don't translate well via email - - - my apologies if it appears as if I'm yelling or picking a fight.
-----Original Message-----
From: Kevin Gent [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 11:13 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Authentication ?
The only way his NT 4 PDCs and BDCs are going to become DCs in a Win2K domain is to purchase W2K and upgrade them.
----- Original Message -----
From: Craig Cerino
To: [EMAIL PROTECTED]
Sent: Thursday, January 16, 2003 8:07 AM
Subject: RE: [ActiveDir] Authentication ?
Right - - but if he wants to keep what used to be his PDC and BDC's in the loop they will either have to be made DCs by running DCPROM - - or get them out of the replication loop by making them member servers or removing them from the domain
-----Original Message-----
From: EALES, Jack - FPIL [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 7:51 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Authentication ?
switching to native mode means having NO more NT4.0 BDC's... that's when it becomes a Native domain - rather than mixed...
-----Original Message-----
From: Craig Cerino [mailto:[EMAIL PROTECTED]]
Sent: 16 January 2003 12:41
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Authentication ?
If you run DCPROMO on them and make them a DC they will.
Which you'll have to do anyway ---- or downgrade them to member servers
-----Original Message-----
From: Don Murawski (Lenox) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 7:16 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Authentication ?
Considering switching to native mode within a month.
Is there any different in authentication methods in native mode than mixed?
Some reason their seems to be a debate around my company about some applications may be affected?
It's my understanding that making the switch to native mode means that 4.0 DC's will not longer be able to replicate.
Don L Murawski
Sr. Network Administrator - MCSE 4.0, 2000
WorldTravel BTI
1055 Lenox Park Blvd
Suite 420
Atlanta, GA 30319
Phone: (404) 923-9468
Fax: (404) 949-6710
Cell: (678) 549-1264
