Hey Rocky.
Assuming everything is configured and working properly you
will see
1. Authentication working fine.
2. Any changes being done from the legacy clients not
working fine as they make changes on the PDC.
Things that can throw a monkey wrench into this...
1. Name Res issues
2. A BDC that hasn't been replicating but is being
crutched by the fact that a DC will forward a logon request to the PDC for
verification... So say you have a BDC/DC that hasn't replicated in a while, the
passwords slowly go out of sync for users. However the DC/BDC keeps forwarding
what it thinks are bad passwords to the PDC for verification and it says they
are fine so the people log on... But then the PDC is no longer there, wham those
users no longer can log on...
I do want to say also that there are functional changes in
how the DCs handle certain things as well when going to Native mode.
Specifically we saw an issue with our use of the builtin Everyone group. We
previously had added that to the WINS USERS group on our DCs so that DCs running
WINS could be queried for their records by anyone. This is great for
troubleshooting if you have knowledgeable admins out in the field. When we
switched to native mode this functionality broke, we actually had to add Domain
Users for all of our domains to the groups instead of Everyone. I sent that to
MS a couple of years ago and they admitted that there was an issue there and
that it could affect some other things like what we were doing but never gave me
answer as to what really happened.
I do recommend to everyone (real people not the security
principal) that they TEST TEST TEST TEST changes like this in their lab
environment with their LOB apps to make sure they don't run into something
strange.
joe From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rocky Habeeb Sent: Wednesday, January 28, 2004 8:23 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Native Mode People,
So
please tell me ... if there is only one PDC Emulator, and it goes down, what
happens to NT4 clients trying to authenticate and logon?
Rocky
Habeeb
Microsoft Systems Administrator
James
W. Sewall Company
_____________________________________
|
Title: Native Mode
- RE: [ActiveDir] native mode Jorge de Almeida Pinto
- RE: [ActiveDir] native mode rrutherford
- [ActiveDir] Native Mode Sudhir Kaushal
- RE: [ActiveDir] Native Mode Simon Geary
- RE: [ActiveDir] Native Mode Joe Baguley
- [ActiveDir] Native Mode james . cate
- RE: [ActiveDir] Native Mode Roger Seielstad
- RE: [ActiveDir] Native Mode Craig Cerino
- RE: [ActiveDir] Native Mode Kuhlman, Philip S
- RE: [ActiveDir] Native Mode Rocky Habeeb
- RE: [ActiveDir] Native Mode Ken Cornetet
- RE: [ActiveDir] Native Mode Sudhir Kaushal
- RE: [ActiveDir] Native Mode Travis.Weeks
- RE: [ActiveDir] Native Mode Roger Seielstad
- RE: [ActiveDir] Native Mode Roger Seielstad