THE DIFFERENCES BETWEEN DOMAIN AND FOREST TYPES

Windows Server 2003 adds a new level of complexity to what can happen when a domain or forest contains different versions of Windows Server. For example, a Windows Server 2003-only domain supports the ability to rename domain controllers, the ability to redirect the user and computer containers, and application groups.

Here are the four types of domains:

* WINDOWS 2000 MIXED: This is the default type of domain, and it allows domain controllers running Windows NT, 2000, or 2003.

* WINDOWS 2000 NATIVE: This type of domain supports only Windows 2000 and 2003 domain controllers. It adds support for group nesting, universal groups, converting groups between security and distribution groups, and more.

* WINDOWS SERVER 2003 INTERIM: Commonly used when upgrading from NT to 2003, this type of domain supports only Windows NT and Windows Server 2003 domain controllers. This level doesn't add any new features.

* WINDOWS SERVER 2003: This type of domain only supports Windows Server 2003 domain controllers. This level adds some advanced features, including the ability to rename domain controllers and constrained delegation.

Here are the three types of forests:

* WINDOWS 2000: This is the default forest level. It allows Windows NT, 2000, and 2003 domain controllers, and it provides all of the functions available in Windows 2000.

* WINDOWS SERVER 2003 INTERIM: As with domains, this is the forest type when upgrading a Windows NT domain, and it allows Windows NT and Windows Server 2003 domain controllers. This forest type adds a number of features, including efficient group member replication using linked value replication. It also adds a number of Active Directory attributes.

* WINDOWS SERVER 2003: This forest type only supports Windows Server 2003-based domain controllers. It adds all of the features from the Interim level as well as advanced features such as Application Groups.