none
AD Upgrade

    Question

  • I have a network that has a NT 4.0 Domain with a trust with a Windows 2003 domain. If I break the trust with NT 4.0 can I upgrade the Win 2003 Domain to Win 2008R2 while the NT 4 domain is still on the wire because of a application that's running in the NT domain until a application is decided on that will run in the 2008R2 domain?

    Stephen Ross

    Monday, February 03, 2014 9:17 PM

Answers

  • Breaking the trust will allow you to upgrade the domain.  However, that doesn't mitigate the serious issue of your Windows NT domain still existing. 
    *If* you do this, ensure the account name/password pairs of the two domains do not match - most particularly if they are admin accounts.  Your NT domain is fairly easy pickings if discovered by a bad guy - and if the accounts in both domains are the same, your newly-promoted W2k12 will be toast.

    -ds


    David Shaw [MSFT]

    Monday, February 03, 2014 11:08 PM

All replies

  • Breaking the trust will allow you to upgrade the domain.  However, that doesn't mitigate the serious issue of your Windows NT domain still existing. 
    *If* you do this, ensure the account name/password pairs of the two domains do not match - most particularly if they are admin accounts.  Your NT domain is fairly easy pickings if discovered by a bad guy - and if the accounts in both domains are the same, your newly-promoted W2k12 will be toast.

    -ds


    David Shaw [MSFT]

    Monday, February 03, 2014 11:08 PM
  • Thanks

    Stephen Ross

    Tuesday, February 04, 2014 7:50 PM
  • Hi Stephen,

    Glad to hear that you have the answers now.

    Please feel free to let us know if there are any issues in the future.

    Best Regards,

    Amy Wang

    Wednesday, February 05, 2014 2:22 AM
    Moderator