Raising Forest and Domain functional levels to 2008 R2.

Just putting this out there to see if anyone has any good info or experiences to share before proceeding with this process.

I currently has a network with 1 Forest and 3 Domains. Within that there are a total of 10 Domain Controllers spread out between each of the domains within this forest. All of the Domain Controllers are running Windows Server 2008 R2 as their OS, but Active Directory is running under 2003 functional level for both the forst and domain.

I am at a point where i would like to raise both the forest and domain functional levels from 2003 to 2008 R2. Just looking for any insight anyone may be able to share. Specifically i want to ensure that all of our applications will continue to function and not have any issues authenicating. We have over 1000 servers and over 5000 end users. Apps range from Office, Exchange, SQL, Sharepoint, etc.

KACE1Asked: 2013-01-03

Who is Participating?

LVL 23

Stelian StanNetwork AdministratorCommented: 2013-01-03

There is no catch here. Raise the domain and the forest functional level. Just wait for the replication to happen. I would raise the domain FL and wait 1 or 2 days before raising the forest FL, then proceed with the forest FL.

LVL 52

Manpreet SIngh KhatraSolutions Architect, Project LeadCommented: 2013-01-03

My First Q why do you want to raise the Domain and Forest functionality ?

- Rancy

LVL 22

Joseph MoodyBlogger and wearer of all hats.Commented: 2013-01-03

Straight from Microsoft's Active Directory Team:

http://blogs.technet.com/b/askds/archive/2011/06/14/what-is-the-impact-of-upgrading-the-domain-or-forest-functional-level.aspx

LVL 59

Darius GhassemCommented: 2013-01-03

You should be good to raise your functional levels but check the below link out to make sure Exchange is set to run.

http://technet.microsoft.com/en-us/library/ff728623(v=exchg.141).aspx

LVL 57

Mike KlineCommented: 2013-01-03

Just to answer Rancy's question, lots of reasons to want to raise the functional level (AD recycle bin and Fine grained passwords are to new features he will have access to once the functional level is raised).

Do you have any old NT machines anywhere?

Thanks

Mike

LVL 18

Life1430Sr EngineerCommented: 2013-01-03

I would agree with clonyxlro to upgrade step by step ..i.e update the DFL first give it time of atleast 1-2 working days then once all your domain are running 2008 R2 DFL then shoot the Forest upgrade ...take the system state backup of once DC in each domain prior upgrading DFL

KACE1Author Commented: 2013-01-03

In response to Rancy's post, I would like to have access to the recycle bin and also as mentioned by mkline71 the password policy changes would also be nice as well. I really just dont want to have AD behind my OS. If I can run it under 2008 R2, why leave it running 2003. My next step is to start looking into rolling out 2012 servers and DCs. My office never has an OS running that is more then 1 level behind. So with the release of 2012 we have to ensure that all servers are 2008 and above. Right now we only have a few 2003 left. By the end of 2013 of the 1000 servers we have there may be 25 or so which arent 2008 or higher.

I would just feel better having my DCs 2008 R2 for funtional level as well as OS, before i started getting into 2012. That way it really is just 1 step up.