Name
mixed mode
Synopsis
A domain mode that supports downlevel Windows NT domain controllers.
Description
You can create a new Windows 2000 domain by either:
Installing a fresh copy of Windows 2000 Server on a computer and then promoting it to the role of domain controller using the Active Directory Installation Wizard
Upgrading an existing Windows NT 4.0 PDC to Windows 2000, which upgrades it to the role of domain controller automatically
Either way you do this, the result is a Windows 2000 domain running in mixed mode. In mixed mode, Windows 2000 domain controllers use NTLM as their protocol for authenticating both clients and servers running either Windows NT or Windows 2000. This enables users to continue to log on and access network resources during the migration process while there remains a mixture of Windows 2000 and Windows NT domain controllers in the domain.
Once you have fully migrated all your servers and clients from Windows NT to Windows 2000, however, you should change the domain from mixed mode to native mode to make use of the more secure, Kerberos v5 authentication protocol supported by Windows 2000 clients and servers.
Notes
NTLM is also used for authentication by Windows 2000 computers that are configured to belong to a workgroup instead of a domain.
Mixed mode does not support universal groups, nested groups, or transitive trusts between domains.
Windows 2000 domain controllers configured as remote-access servers and running in mixed-mode domains must have separate remote-access ...
Get Windows 2000 Administration in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
