Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Raising Forest and Domain functional levels to 2008 R2.

Posted on 2013-01-03
8
Medium Priority
?
802 Views
Last Modified: 2013-02-14
Just putting this out there to see if anyone has any good info or experiences to share before proceeding with this process.

I currently has a network with 1 Forest and 3 Domains.  Within that there are a total of 10 Domain Controllers spread out between each of the domains within this forest.  All of the Domain Controllers are running Windows Server 2008 R2 as their OS, but Active Directory is running under 2003 functional level for both the forst and domain.

I am at a point where i would like to raise both the forest and domain functional levels from 2003 to 2008 R2.  Just looking for any insight anyone may be able to share.  Specifically i want to ensure that all of our applications will continue to function and not have any issues authenicating.  We have over 1000 servers and over 5000 end users.  Apps range from Office, Exchange, SQL, Sharepoint, etc.
0
Comment
Question by:KACE1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 23

Accepted Solution

by:
Stelian Stan earned 1600 total points
ID: 38740158
There is no catch here. Raise the domain and the forest functional level. Just wait for the replication to happen. I would raise the domain FL and wait 1 or 2 days before raising the forest FL, then proceed with the forest FL.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38740168
My First Q why do you want to raise the Domain and Forest functionality ?

- Rancy
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38740181
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 38740213
You should be good to raise your functional levels but check the below link out to make sure Exchange is set to run.

http://technet.microsoft.com/en-us/library/ff728623(v=exchg.141).aspx
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 400 total points
ID: 38740400
Just to answer Rancy's question, lots of reasons to want to raise the functional level (AD recycle bin and Fine grained passwords are to new features he will have access to once the functional level is raised).

Do you have any old NT machines anywhere?

Thanks

Mike
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38741007
I would agree with  clonyxlro to upgrade step by step ..i.e update the DFL first give it time of atleast 1-2 working days then once all your domain are running 2008 R2 DFL then shoot the Forest upgrade ...take the system state backup of once DC in each domain prior upgrading DFL
0
 

Author Comment

by:KACE1
ID: 38741088
In response to Rancy's post, I would like to have access to the recycle bin and also as mentioned by mkline71 the password policy changes would also be nice as well.  I really just dont want to have AD behind my OS.  If I can run it under 2008 R2, why leave it running 2003.  My next step is to start looking into rolling out 2012 servers and DCs.  My office never has an OS running that is more then 1 level behind.  So with the release of 2012 we have to ensure that all servers are 2008 and above.  Right now we only have a few 2003 left.  By the end of 2013 of the 1000 servers we have there may be 25 or so which arent 2008 or higher.

I would just feel better having my DCs 2008 R2 for funtional level as well as OS, before i started getting into 2012.  That way it really is just 1 step up.
0
 

Author Comment

by:KACE1
ID: 38741090
BTW thanks for all the great information everyone.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question