none
Server 2003 Server in 2008 R2 Functional Level Forest/Domain

    Question

  • We are in the middle of upgrading our DCs to 2008 R2.  I have my DCs in place and want to begin decomissioning our 2003 R2 DCs.  We still have a couple of dozen 2003 servers in the Forest.  Is it possible to raise the functional level of the Domain to 2008 R2 without adversely affecting our 2003 servers?

    In a nutshell, just wondering if the 2003 servers are going to play well in a 2008 R2 Functional Level Forest.

    Thanks.

    Friday, February 24, 2012 3:40 PM

Answers

  • Yes - it is. The functional level change should have no impact on your Windows Server 2003 computers - note though that in order to raise the functional level, all of your DCs need to run Windows Server 2008 R2 first...

    hth
    Marcin


    Friday, February 24, 2012 3:47 PM
  • You cannot raise functional level of domain(forest) until all DCs in that domain(forest) are 2008R2.

    Member 2003 servers would work in 2008r2 forest without any problems related to changes in AD. Member server would not be affected during raising functional level.

    Friday, February 24, 2012 3:48 PM
  • You can raise the Domain functional level to 2008 R2 once all DC's in that domain are 2008 R2.

    You can have a 2008 R2 Domain in a 2003 Forest. Once all domain controllers in forest are upgraded to 2008 R2 then you can raise the Forest functional level to 2008R2.

    Once your FFL is 2008R2 you can not add 2003/2008 Domain controllers to it, only 2008 R2. Member servers that run 2003 will have no problem in a new FFL of 2008 R2.


    MCTS - Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. http://mariusene.wordpress.com/

    Friday, February 24, 2012 3:52 PM
  • Hi,

    Functional levels determine the available Active Directory Domain Services (AD DS) domain or forest capabilities. They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. However, functional levels do not affect which operating systems you can run on workstations and member servers that are joined to the domain

    2003 member servers (not 2003 DCs) works with 2008 R2 functional levels.

    So process is add 2008R2 DCs, Demote the 2003DCs from domain, raise functional levels to 2008R2 and enjoy all the cool new features like the AD recycle bin, fine-grained passwords.

    IMP point : configure the new PDC role owner as an authorative time server
    http://msmvps.com/blogs/acefekay/archive/2009/09/18/configuring-the-windows-time-service-for-windows-server.aspx

    NOTE: If you have not enabled AD recycle bin, still you can roll back the windows 2008R2 functional levels to windows 2008.

    Understanding AD functional levels: http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(v=ws.10).aspx


    Best Regards,

    Abhijit Waikar.
    MCSA 2003 | MCSA:Messaging | MCTS | MCITP:Server Administrator | Microsoft Community Contributor | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    Friday, February 24, 2012 5:17 PM
  • Hello,

    as others already mentioned, no problem in raising the level if no earlier OS exist, otherwise you also will get an error that earlier OS DCs still exist. So if there was a DC crash with earlier OS and the AD database was not cleared with metadata cleanup the raise will fail with an error message.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Friday, February 24, 2012 7:33 PM

All replies

  • Yes - it is. The functional level change should have no impact on your Windows Server 2003 computers - note though that in order to raise the functional level, all of your DCs need to run Windows Server 2008 R2 first...

    hth
    Marcin


    Friday, February 24, 2012 3:47 PM
  • You cannot raise functional level of domain(forest) until all DCs in that domain(forest) are 2008R2.

    Member 2003 servers would work in 2008r2 forest without any problems related to changes in AD. Member server would not be affected during raising functional level.

    Friday, February 24, 2012 3:48 PM
  • You can raise the Domain functional level to 2008 R2 once all DC's in that domain are 2008 R2.

    You can have a 2008 R2 Domain in a 2003 Forest. Once all domain controllers in forest are upgraded to 2008 R2 then you can raise the Forest functional level to 2008R2.

    Once your FFL is 2008R2 you can not add 2003/2008 Domain controllers to it, only 2008 R2. Member servers that run 2003 will have no problem in a new FFL of 2008 R2.


    MCTS - Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. http://mariusene.wordpress.com/

    Friday, February 24, 2012 3:52 PM
  • Hi,

    Functional levels determine the available Active Directory Domain Services (AD DS) domain or forest capabilities. They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. However, functional levels do not affect which operating systems you can run on workstations and member servers that are joined to the domain

    2003 member servers (not 2003 DCs) works with 2008 R2 functional levels.

    So process is add 2008R2 DCs, Demote the 2003DCs from domain, raise functional levels to 2008R2 and enjoy all the cool new features like the AD recycle bin, fine-grained passwords.

    IMP point : configure the new PDC role owner as an authorative time server
    http://msmvps.com/blogs/acefekay/archive/2009/09/18/configuring-the-windows-time-service-for-windows-server.aspx

    NOTE: If you have not enabled AD recycle bin, still you can roll back the windows 2008R2 functional levels to windows 2008.

    Understanding AD functional levels: http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(v=ws.10).aspx


    Best Regards,

    Abhijit Waikar.
    MCSA 2003 | MCSA:Messaging | MCTS | MCITP:Server Administrator | Microsoft Community Contributor | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    Friday, February 24, 2012 5:17 PM
  • Hello,

    as others already mentioned, no problem in raising the level if no earlier OS exist, otherwise you also will get an error that earlier OS DCs still exist. So if there was a DC crash with earlier OS and the AD database was not cleared with metadata cleanup the raise will fail with an error message.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Friday, February 24, 2012 7:33 PM