Solved

Windows Server 2012 R2 domain-forest functional level

Posted on 2014-02-19
1
1,311 Views
Last Modified: 2014-02-20
we are migrating our AD forest. now,we have only server 2008 and 2012 R2 DCs,but we do have 2000 and 2003 member servers. can we still upgrade to 2008 R2 domain-forest functional level first as a first step? once we have all 2012 R2 DCs,we will then upgrade there too.
what are the (security) benefits by running on 2012 R2 domain-forest functional level?
0
Comment
Question by:DukewillNukem
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 39870783
Yes you can still have 2003 member servers, Windows 2000 is no long officially supported so test that first.

You will get features like dynamica access control and there are some pass the hash mitigations in 2012 R2.  I'll send out a presentation on that later.

Thanks

Mike
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question