14 DAY TRIAL // One of the reasons why Microsoft synchronizes the releases of Windows Vista SP1 and Windows Server 2008 is the need to emphasize a high level of interoperability between the latest Windows client and server platforms. A level which is not reflected in the interaction between Windows Server 2008 and down-level operating systems such as Windows XP and Windows Server 2008. And in order to make all Windows products play well together, Microsoft has released the Windows Server 2008 read-only domain controller compatibility pack in mixed environments running XP and Windows Server 2003.
"To provide support for mixed mode operations (Win2003 & Win2008) in domains involving Win2008 DCs, all the features are made available for downlevel clients (XP and Win2003) also. However, since XP and Win2003 were not developed to support the additional checks and flags introduced in RODC, some of the features fail to work with downlevel clients are interacting with RODC. This is more apparent in Demilitarized (DMZ) networked branch offices. In this kind of setup, the clients are restricted access ONLY to RODCs and not other write-able DCs, outside the network," explained Jane Lewis, Platforms Engineer Customer Environment in the Premier Field Engineering at Microsoft.
Essentially, what Lewis pointed out is that there are inherent compatibility problems between Windows Server 2008 and older versions of Windows clients. This is because neither Windows XP, nor Windows Server 2008 feature support for Windows Server 2008 RODC features. According to the Redmond company, the issue affects XP SP2, XP SP3 and the 64-bit version of XP, as well as Windows Server 2003 SP1 and SP2. A total of five updates are available for download, designed to integrate with all the impacted operating systems.
However, unless users experience the specific symptoms described in KB944043, deploying the actual update is not needed. "You do not necessarily have to apply this update before you can deploy a read-only domain controller. Sometimes, compatibility issues do not affect your deployment. Or, you may be able to use a workaround instead of applying the update," explained Nick MacKechnie, Senior Technical Account Manager at Microsoft New Zealand.
The Windows Server 2008 RODC Compatibility Pack is available for download here.