Hi All

I am currently working on a piece to decommission our LDAP domain in our offices across the UK and move to a fully Wintel environment. We have a mixture of environments at the moment: an old NT domain, an LDAP domain on Linux and an Active Directory domain. The AD domain is the forest root and there are trusts to the NT and Linux domain from here as well as other domains from our partner countries.

All of our services are hosted in a data center and we have MPLS WAN links to all of our offices; we have 4 in total. All of our Windows domain controllers are hosted in the DC. With our Linux environment, we have master LDAP/DNS/DHCP/NTP in the DC and have replicas in the office locations; one at a time they have been decommissioned as the local offices have moved over to the Windows equivalents of those services, i.e. moving users/computers from Linux to the AD domain.

I have a question with regards to 1 office where the majority of our users reside. I have removed the dependence on LDAP now and now want to create a DNS and DHCP for this office. That part I am OK with; however, because of the number of users, I see there will likely be a benefit if I install a RODC in this office.

My question is: in the DC we have 3 DCs, and our forest and domain levels are set to 2003. If I were to create another 2008R2 RODC in this office, would it have an issue with the NT trust?

I read this article and got slightly concerned
Friday Mail Sack: Newfie from the Grave Edition - Ask the Directory Services Team - Site Home - TechNet Blogs

It talks about NT trusts and 2008R2 DCs not being compatible... Have others encountered this issue? The NT4 domain is going but I am not in a place to remove it yet due to legacy applications still reliant on this.

Thanks