Solved

Windows Server 2012 R2 domain-forest functional level

Posted on 2014-02-19
1
1,322 Views
Last Modified: 2014-02-20
we are migrating our AD forest. now,we have only server 2008 and 2012 R2 DCs,but we do have 2000 and 2003 member servers. can we still upgrade to 2008 R2 domain-forest functional level first as a first step? once we have all 2012 R2 DCs,we will then upgrade there too.
what are the (security) benefits by running on 2012 R2 domain-forest functional level?
0
Comment
Question by:DukewillNukem
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 39870783
Yes you can still have 2003 member servers, Windows 2000 is no long officially supported so test that first.

You will get features like dynamica access control and there are some pass the hash mitigations in 2012 R2.  I'll send out a presentation on that later.

Thanks

Mike
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Synchronize a new Active Directory domain with an existing Office 365 tenant
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question