locked
2008R2 的 AD 功能請教 RRS feed

  • 問題

  • 請問
     在 2008 R2 AD部份新增的功能 ,有沒有什麼功能必須 全部 DC 或 RODC 都是 R2才能啟用
    不能有 2008x86+2008x64+2008R2 多種DC 在同一個網域內

    謝謝
    2010年1月20日 下午 01:29

解答

所有回覆

  • Dear Sir,

    在2008 DC裡,沒有分版本,功能都是一樣的.
    只有在W2K8 與其它版本混合使用時,才會依啟用的 funtional level的不同而有所不同.
    http://blogs.techrepublic.com.com/datacenter/?p=308

      2000 native 2003 native 2008 native
    DCs allowed W2K, W2K3, W2K8 W2K3, W2K8 W2K8 only
    Domain features Universal groups, Group nesting, Group conversions, Security identifier (SID) history Ability to rename domain controllers via netdom.exe, Logon time stamp dates, Redirect Users and Computers, Authorization Manager policies in AD, Constrained delegation, Selective authentication Distributed File System replication support for SYSVOL, Advanced encryption, Last Interactive Logon information, Fine-grained password policies
    Forest features All default AD features Forest trust, domain rename, linked-value replication, Read-only domain controller deployment, instances of the dynamic auxiliary class named dynamicObject in a domain directory partition, convert inetOrgPerson object instance into a User object instance, create instances of new group types to support role-based authorization, deactivation and redefinition of attributes and classes in the schema No new additional forest-level features
      2000 native 2003 native 2008 native
    DCs allowed W2K, W2K3, W2K8 W2K3, W2K8 W2K8 only
    Domain features Universal groups, Group nesting, Group conversions, Security identifier (SID) history Ability to rename domain controllers via netdom.exe, Logon time stamp dates, Redirect Users and Computers, Authorization Manager policies in AD, Constrained delegation, Selective authentication Distributed File System replication support for SYSVOL, Advanced encryption, Last Interactive Logon information, Fine-grained password policies
    Forest features All default AD features Forest trust, domain rename, linked-value replication, Read-only domain controller deployment, instances of the dynamic auxiliary class named dynamicObject in a domain directory partition, convert inetOrgPerson object instance into a User object instance, create instances of new group types to support role-based authorization, deactivation and redefinition of attributes and classes in the schema No new additional forest-level features

    DCs allowed

    W2K, W2K3, W2K8

    W2K3, W2K8

    W2K8 only

    Domain features

    Universal groups, Group nesting, Group conversions, Security identifier (SID) history

    Ability to rename domain controllers via netdom.exe, Logon time stamp dates, Redirect Users and Computers, Authorization Manager policies in AD, Constrained delegation, Selective authentication

    Distributed File System replication support for SYSVOL, Advanced encryption, Last Interactive Logon information, Fine-grained password policies

    Forest features

    All default AD features

    Forest trust, domain rename, linked-value replication, Read-only domain controller deployment, instances of the dynamic auxiliary class named dynamicObject in a domain directory partition, convert inetOrgPerson object instance into a User object instance, create instances of new group types to support role-based authorization, deactivation and redefinition of attributes and classes in the schema

    No new additional forest-level features


    $亮晶晶的小欣$ Gary Yuan. http://yuanwenshin.spaces.live.com
    2010年1月20日 下午 02:03
  • 關於你的問題,剛好微軟TechNet技術文件庫近期有更新R2 的相關說明:Understanding AD DS Functional Levels
    給您參考看看。 :)
    蘇老碎碎念
    資訊無涯,回頭已不見岸
    好用的微軟技術支援小工具
    微軟將於一月初舉辦Technet&MSDN技術社群交流活動,歡迎大家熱情參加喔!
    • 已提議為解答 Vincent Lin 2010年1月21日 上午 01:57
    • 已標示為解答 Vincent Lin 2010年1月24日 上午 01:56
    2010年1月20日 下午 03:47
    版主