Trust between Win2K3 native mode to Win2k Mixed Mode

Discussion in 'Windows Server' started by Neil, Feb 4, 2005.

  1. Neil

    Neil Guest

    Is it possible to establish a trust relationship between Win2K3 in native
    mode and Win2K in mixed mode. Reason, I am asking is, I had to raise the
    Forest and Domain level to Native mode in Win2K3 while I did a domain rename.
    Now, I know for sure that the trust between Win NT and Win2K3 is not going to
    take place. But, do you think that this would cause any problem to establish
    a trust between Win2K3 and Win 2000 ADS in mixed mode.

    Please, its urgent. thanks,
    Neil, Feb 4, 2005
  2. Neil

    Allen Firouz Guest

    Allen Firouz, Feb 4, 2005
  3. Neil

    Neil Guest


    First thank you for the information provided. So, as you have mentioned, I
    can establish trust between a Windows Server 2003 running in Native mode to
    another Windows 2000 domain in another forest running in mixed mode. Because,
    I was concerned when I try to establish a trust from Win2K3, I get the screen
    which says

    Trust Type

    Select the appropriate trust type

    Realm Trust

    Trust with a Windows domain

    And, I know that this is not the screen which I should get when I try to
    establish a trust and it should be another screen. Moreover, I am not sure
    cause it is due to DNS that this is not recognizing the name of the domain I
    am giving or is it due to NetBIOS traffic not working between the two sites.

    My scenario is like this.

    I have 2 Win2K3 domain controllers in a separate forest and all the servers
    under this domain are Win2K3. I am trying to establish a trust between this
    domain controller (Win2K3) and another remote customer domain controller
    running Win2K which I am not sure whether it is in Native mode or Mixed mode.
    But, I am confident that it is running in mixed mode at their end.

    Also, there is a customer which has an NT domain for which a one way trust
    needs to be established. So, according to what you say is that by bringing it
    to native mode it does not affect the trust relationship and only the added
    features that are available in native mode takes effect. Also, I do see that
    you can bring the domains / forest to native mode unless all the domain
    controllers and member servers are of the same operating system level and it
    cannot be having a mix of win2k and win2k3 or NT. Is that correct?
    Neil, Feb 4, 2005
  4. Neil

    Allen Firouz Guest

    let's take this question by question:
    You should user ADD&T MMC to create your trust. Walk through the wizard and
    it will prompt you for the proper credentials, etc. Also, if there is a
    failure, you will have an event log to reference.
    NetBIOS and/or DNS are vital to establishing a trust. Ensure that if you are
    connecting to the NT domain, that NetBIOS is turned on and working properly.
    To establish a trust, both sides must be able to "see" each other. This link
    will help you with NetBIOS setup:
    This is correct. You can still make the trust relationship work, as long as
    they can see each other.
    You can only go Native Mode (2003 or 2000) if ALL your DC's are on the same
    OS version. Remember that this only applies to your DC's. You can have
    member servers of every OS, version, build, etc. But your DC's have to all
    be either 2003 (for NativeMode 2003) or 2000 (for NativeMode 2000).

    good luck,

    -Allen Firouz
    Allen Firouz, Feb 4, 2005
