Elevate Forest & Domain Functional Levels

%3CLINGO-SUB%20id%3D%22lingo-sub-1191296%22%20slang%3D%22en-US%22%3EElevate%20Forest%20%26amp%3B%20Domain%20Functional%20Levels%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1191296%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20run%20two%20Windows%202016%20Servers%20for%20Active%20Directory...One%20is%20a%20primary%20and%20the%20other%20secondary%20domain%20controller.%3CBR%20%2F%3EThere%20is%20a%20request%20to%20have%20us%20elevate%20Forest%20%26amp%3B%20Domain%20functional%20levels%20on%20both%20servers%20from%20their%20current%202003%20set%20levels.%20The%20requester%20says%20it%20is%20necessary%20to%20%22gain%20functionality%20that%20allows%20us%20to%20better%20manage%20settings%20within%20Windows%2010%22.%20He%20then%20goes%20on%20to%20say%2C%20%22I%20was%20looking%20to%20raise%20it%20to%20Server%202012%20R2%20per%20recommendation%20from%20one%20of%20our%20reserves%20who%20does%20AD%2FAzure%20deployments%20full-time.%20That%20should%20get%20us%20what%20we%20need.%22%3CBR%20%2F%3EAre%20there%20potential%20pitfalls%20to%20elevating%20it%20other%20than%20we%20cannot%20roll%20it%20back%3F%20Why%20would%20we%20not%20choose%20to%20elevate%20it%20to%20the%20highest%20one%20available%20in%20the%20list%20we%20have%20on%20the%20servers%20which%20is%202016%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1193652%22%20slang%3D%22en-US%22%3ERe%3A%20Elevate%20Forest%20%26amp%3B%20Domain%20Functional%20Levels%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1193652%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F566837%22%20target%3D%22_blank%22%3E%40EllisCoTx%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAccording%20to%20Microsoft%3A%3C%2FP%3E%3CDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%3CSTRONG%3E%22The%20functional%20level%20of%20a%20domain%20or%20forest%20defines%20only%20the%20set%20of%20Windows%20operating%20systems%20that%20can%20run%20on%20domain%20controllers%20and%20the%20set%20of%20available%20features.%20It%20does%20not%20define%20the%20client%20operating%20systems%20that%20are%20supported%20in%20the%20forest.%22%20%3C%2FSTRONG%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20what%20it%20said%20in%20my%20windows%20server%202008%20R2%20when%20I%20click%20the%20help%20button%20(because%20on%20server%202012%20and%20higher%20it%20will%20navigate%20you%20to%20their%20website).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20raised%20it%20before%20from%20Windows%20Server%202003%20into%202008%20R2%2C%20so%20far%20I%20didn't%20encounter%20errors%2Fissues%20when%20I%20raised%20the%20domain%20and%20forest%20functional%20level.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20me%2C%20raising%20it%20will%20improve%20the%20features%20in%20your%20domain%20since%20your%20operating%20system%20is%20Windows%20Server%202016%2C%20the%20domain%20will%20function%20within%20the%20available%20operating%20system.%20you%20cannot%20rollback%20because%20it's%20like%20you%20degrade%20your%20Windows%20Server%202016%20back%20into%20Windows%20Server%202012%20or%20lower.%20Microsoft%20does%20not%20recommend%20that.%20and%20your%20current%20domain%20will%20not%20function%20if%20you%20degrade%20your%20operating%20system.%20Microsoft%20wants%20to%20avail%20of%20the%20best%20features%20and%20the%20latest%20version%20of%20its%20products.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Efor%20potential%20pitfalls%2C%20replication%20between%20your%20primary%20%26amp%3B%20additional%20DC's%20and%20your%20configuration%20of%20your%20domain%20and%20set%20policy.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBest%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Espacegabx%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

We run two Windows 2016 Servers for Active Directory...One is a primary and the other secondary domain controller.
There is a request to have us elevate Forest & Domain functional levels on both servers from their current 2003 set levels. The requester says it is necessary to "gain functionality that allows us to better manage settings within Windows 10". He then goes on to say, "I was looking to raise it to Server 2012 R2 per recommendation from one of our reserves who does AD/Azure deployments full-time. That should get us what we need."
Are there potential pitfalls to elevating it other than we cannot roll it back? Why would we not choose to elevate it to the highest one available in the list we have on the servers which is 2016?

2 Replies
Highlighted

Hello, @EllisCoTx

 

According to Microsoft:

 
"The functional level of a domain or forest defines only the set of Windows operating systems that can run on domain controllers and the set of available features. It does not define the client operating systems that are supported in the forest."

 

This is what it said in my windows server 2008 R2 when I click the help button (because on server 2012 and higher it will navigate you to their website).

 

I raised it before from Windows Server 2003 into 2008 R2, so far I didn't encounter errors/issues when I raised the domain and forest functional level. 

 

For me, raising it will improve the features in your domain since your operating system is Windows Server 2016, the domain will function within the available operating system. you cannot rollback because it's like you degrade your Windows Server 2016 back into Windows Server 2012 or lower. Microsoft does not recommend that. and your current domain will not function if you degrade your operating system. Microsoft wants to avail of the best features and the latest version of its products. 

 

for potential pitfalls, replication between your primary & additional DC's and your configuration of your domain and set policy. 

 

Best,

 

spacegabx

Highlighted

Hello, @spacegabx 

Thank you so much for your reply and the information you shared.