Domain and Forest Functional Levels – Overview
Today I recognized, that it is not easy to find a comprehensive summary table about Active Directory Domain and Forest Functional Levels (operating mode) on the internet. There are some explanations with the functions up to Windows Server 2008 R2 and some on the differences between Windows Server 2008 R2 and Windows Server 2012.
I would like to fill this gap with this article and give you a summary table about Domain and Forest Functional Levels..
Index
Domain Functional Levels and Forest Functional Levels
Domain Functional Levels
This table shows how Windows Server versions changed regarding Domain Functional Levels and which domain controllers are supported with which Domain Functional Level.
| Domain functional level | Important changes |
Supported Domain Controller (OS) |
| Windows 2000 native | Universal groups Group nesting Transformation of Security Groups to Distribution Groups SIDHistory |
Windows 2000 Windows Server 2003 Windows Server 2008 Windows Server 2008R2 |
| Windows Server 2003 | Domain Controller rename LastLogonTimeStamp |
Windows Server 2003 Windows Server 2008 Windows Server 2008R2 Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2008 |
Fine-grained password and account lockout policies |
Windows Server 2008 Windows Server 2008R2 Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2008R2 |
Active Directory Web Services |
Windows Server 2008R2 Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2012 |
CLAIMS support for KDC |
Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2012 R2 | NTLM not supported anymore Authentication Policies |
Windows Server 2012R2 |
Forest Functional Levels
This table shows how Windows Server versions changed regarding Forest Functional Levels and which domain controllers are supported with which Forest Functional Level.
| Forest functional level | Important changes |
Supported Domain Controller (OS) |
| Windows 2000 native | All standard Active Directory functions | Windows 2000 Windows Server 2003 Windows Server 2008 Windows Server 2008R2 |
| Windows Server 2003 | Forest Trusts Domain rename RODC (read-only-domain-controller) Improved KDC (Knowledge Consistency Checker) Deactivation of attributed in the AD scheme Linked-value Replication – individual changes of a group membership are replicated, instead of the whole group |
Windows Server 2003 Windows Server 2008 Windows Server 2008R2 Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2008 | No changes compared to Windows Server 2003 Forest operating mode | Windows Server 2008 Windows Server 2008R2 Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2008 R2 | Active Directory Recycle Bin | Windows Server 2008R2 Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2012 | No changes compared to Windows Server 2008R2 Forest operating mode | Windows Server 2012 Windows Server 2012R2 |
| Windows Server 2012 R2 | No changes compared to Windows Server 2008R2 Forest operating mode | Windows Server 2012R2 |
last update: 04/29/15
Source: Microsoft Technet
2 Comments
Leave your reply.