Microsoft has started issuing increasingly stern warnings to move from the soon-to-be-unsupported Windows Server 2003, but has also just found an obstacle to migrations away from the operating system.
The problem manifests when users run Windows Server 2003 and Windows Server 2012 R2 domain controllers serving the same domain. Some folks who do so find the Kerberos authentication protocol crashes. When that happens, it becomes impossible for users to log in to servers, which isn't really going to help a migration effort.
More ReadingDesktop, schmesktop: Microsoft reveals next WINDOWS SERVERMicrosoft rolls up more Windows Server 2012 R2 updatesJuly 14, 2015. Tuesday. No more support for Windows Server 2003. Good luckStart packing your bags for a Windows Server 2003 migrationWindows Server 2003 end of life: Plan your WS2012 migration now
Microsoft acknowledges the problem in a post titled “It turns out that weird things can happen when you mix Windows Server 2003 and Windows Server 2012 R2 domain controllers.”
That post says redmond is working on a fix, “but it’s going to take us some time to get it out to you.”
Just how much time it will take to create the fix isn't specified.
The post admits the bug is a colossal pain in the posterior, as running the two domain controllers in the same domain is just the kind of thing that can be necessary during a migration. “We realize that upgrading an enterprise environment is not easy, and much less so when your users start to have problem during your upgrade,” the post says.
The good news is that workarounds are possible, but those outlined in the post require rather a lot of working around.
Users experiencing the 'weird things' are advised to check the post we've linked to for news about the hotfix. ®