Now with the extended support date for Windows Server 2003 in mind (14-07-2015) it’s good to look at how to finally get rid of those old domain controllers. I came across a nice Technet article about how to monitor LDAP, kerberos and NTLM traffic to your domain controllers to find out which applications and servers are still using the old authentication protocols.
This article is only supported for Window Server 2008 but here is another article that will get you the same results for 2003 environments. Good luck!
