"Windows 2000 native" vs "Windows 2003 Server" functional level.

Discussion in 'Active Directory' started by Brian Nielsen, Feb 28, 2006.

  1. Hi

    I have a question regarding what functional level I should use to get the
    following functionality to work (if possible).

    Problem:
    I have 2 domain controllers (Windows 2003 Server) - each placed in different
    sites and called (DC1, DC2) and both has domain functional level "Windows
    2000 Native".

    1. On DC1 create universal distribution group (same problem with security
    groups)
    2. Use repadmin /replicate to replicate the group to DC2.
    3. On DC1 add a user to the group.
    4. On DC2 add a user to the group.

    Consequence: The user added on DC1 is overwritten by the user added on DC2.
    What I hoped would happen: The group entries are merged, so both users are
    member of the group.

    I thought that the groups would be merged because of the 'per entry'
    replication in Windows 2003, but is this only working if the domain
    functional level is raised to "Windows 2003 Server" level? Or should it also
    work in "Windows 2000 Native" mode?

    Or it my problem another place? :)

    /Brian
     
    Brian Nielsen, Feb 28, 2006
    #1
    1. Advertisements

  2. Brian Nielsen

    Neil Ruston Guest

    In w2k native mode, the members of a group are stored as one blob and
    replicated in their entirety when changes are made. This is by design but far
    from desirable!

    Once *all* Dcs in the forest are at w2k3, you may raise the func level of
    all domains to w2k3 domain func level and then the forest itself to w2k3
    forest func level. Only then, (when forest func level raised) will those
    attributes which can be multi valued (such as group members) be stored as
    separate entities and be replicated as true deltas in the way you require.
    i.e. the scenario you describe below will result in the memberships being
    merged and not over written.

    neil
     
    Neil Ruston, Feb 28, 2006
    #2
    1. Advertisements

  3. Thanks for your quick and precise answer.

    I have read different articles about the replication enhancements of
    going to "Windows 2003 Server" level.

    But the articles do not agree about the need to upgrade domain level or
    forest level.

    Do you know if I can just upgrade the domain level (and wait with forest
    level) and get this to work?

    /Brian
     
    Brian Nielsen, Mar 1, 2006
    #3
  4. Brian Nielsen

    Neil Ruston Guest

    As my (precise) response stated, you need to:
    1. Upgrade all DCs in the forest
    2. Raise domain level for all domains in the forest
    3. Raise the forest func level to w2k3

    Only then will multi valued attributes be replicated in the way your describe.

    neil
     
    Neil Ruston, Mar 1, 2006
    #4
  5. Just like Neil said... LVR (linked value replication) is only available in
    FFL w2k3 interim (NT4 and w2k3 DCs only) and w2k3 (w2k3 DCs only)

    --

    Cheers,
    (HOPEFULLY THIS INFORMATION HELPS YOU!)

    # Jorge de Almeida Pinto # MVP Windows Server - Directory Services

    BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
     
    Jorge de Almeida Pinto [MVP], Mar 1, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.