Solved

Windows Server 2012 R2 domain-forest functional level

Posted on 2014-02-19
1
1,310 Views
Last Modified: 2014-02-20
we are migrating our AD forest. now,we have only server 2008 and 2012 R2 DCs,but we do have 2000 and 2003 member servers. can we still upgrade to 2008 R2 domain-forest functional level first as a first step? once we have all 2012 R2 DCs,we will then upgrade there too.
what are the (security) benefits by running on 2012 R2 domain-forest functional level?
0
Comment
Question by:DukewillNukem
1 Comment
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 39870783
Yes you can still have 2003 member servers, Windows 2000 is no long officially supported so test that first.

You will get features like dynamica access control and there are some pass the hash mitigations in 2012 R2.  I'll send out a presentation on that later.

Thanks

Mike
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question