Not when adding the first 2008+ DC but when removing the last pre-2008+ DC and upping the DFL or FFL to 2008+. Some infrastructure devices can't handle the AES-256 encryption for AD Integration. All the issues I have seen have been resolved by switching the affected device to use LDAP instead of AD.
Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: David Lum [mailto:[email protected]] Subject: Standing up 2K8DC - finally. Opinions? So, the slow waters here finally have us standing up our first W2K8 DC in our employee domain on Saturday. * We have already extended the schema * Have already gone through this list: http://blogs.technet.com/b/glennl/archive/2009/08/21/w2k3-to-w2k8-active-directory-upgrade-considerations.aspx * We have GPO's that already implement the LM Hash, older cryptology and the SMB-signing change, some others on that list don't apply. * We have confirmed with Microsoft (they were here a few months ago) that our AD infrastructure is healthy and configured as they'd recommend. * Exchange is hosted, not onsite I think this will be a no-brainer upgrade, but I am still going to have folks text VPN, Windows, Linux and Mac client logins and file accesses. Has anyone ever seen a crippling issue when adding the first 2008 DC to their 2003 domain? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
