Hello –
I’ve tried finding this information on the Googles, but come up with a whole lot of worthless information. I’ve been told in the past that you should not create forest trusts between forests that are at differing functional levels. Is this true?
I have a 2016 forest that I need to create a two way trust with another forest that is is running at a 2012R2 FFL. I’ve heard that you can lose some functionality or there may be incompatible ciphers etc that could complicate creation of the trust.
Yes, yes, we should just be building new 2016 DCs in the 2012R2 forest and demoting the old DCs and raising the functional level to match the other forest, but there is a lot of hard coding of DC names and IPs for DNS, LDAP, NTP etc present and the time it would take to track all that down is outside the scope of this project.
Can anyone give me a definitive answer of the possible consequences are of creating an inter-forest trust between two forest that are at different functional levels?