Forest functional levels are treated like domain functional levels. Advancing from a lower to a higher forest functional level is a one way process that cannot be reversed. Although domain functional levels can be independent of other domain s in the forest, the forest functional level applies to all domains within that forest. Three forest functional levels are available within Windows Server 2000, Windows Server 2003, and Windows Server 2008. As when dealing with domain functional levels, Windows Server 2008 Active Directory supports only domain controllers that are running Windows 2000, Windows Server 2003, and Windows Server 2008. Windows NT 4.0 domain controllers are no longer supported.
Windows 2000 is the default forest functionality enabled when the first Windows Server 2008 domain controller is introduced into the network. Just as in Windows 2000 native domain functionality, Windows 2000 forest functionality supports domain controller running Windows 2000, Windows Server 2003, and Windows Server 2008. Windows 2000 is the default forest functional level for installations of new Windows Server 2008 Active Directory forests.
Forest Functional Level Features in Windows 2000
The Windows 2000 forest functional features include:
- Install from Media: – This is the same feature that was distributed in the Windows 2000 native domain functional level. It allows servers to be promoted to domain controllers using a backup replica from another domain controller.
- Universal Group Caching: – This feature allows users to log on to a domain at a remote site without having a global catalog server present in that site.
- Application Directory Partitions: – Like the Windows 2000 native domain functionality, this allows a separate replication partition for application data that does not need to be globally available. It allows greater control over the scope of replication within a network.
The next forest functional level is Windows Server 2003, which requires that all domain controllers have Windows Server 2003 or Windows Server 2008 installed. Before raising the forest functional level, it is important to ensure that support for Windows 2000 domain controllers is no longer required. Raising the forest functional level is an irreversible procedure like raising the domain functional level.
Forest Functional Level Features in Windows 2003
The Windows Server 2003 forest functional level includes all Windows Server 2000 features, as well as the following features:
- Improved Replication of Group Objects: – In Windows 2000, whenever you make a change to the member list of a group object, the entire member list is replicated throughout the domain. By raising the forest functional level to Windows Server 2003, Active Directory can take advantage of Link-Value Replication, which will replicate only the portions of the member list that have actually been added, modified, or deleted.
- Dynamic Auxiliary Class Objects: – This is a new schema modification option that provides support for dynamically linking auxiliary classes to individual objects. Prior to this functionality, an auxiliary class object could be linked only to an entire class of objects.
- User Objects can be converted to InetOrgPerson Objects: – The inetOrgPerson objects are used by non-Microsoft LDAP directory services, such as Novell. This new base object in Windows Server 2003 allows easier migration of objects from these other platforms.
- Schema Deactivations: – Windows Server 2003 allows you to deactivate classes or attributes that have been added to the schema.
- Domain Rename: -Domains can be renamed within this functional level to accommodate major design changes on your network.
- Cross-forest trusts permitted: – This trust type was introduced in Windows Server 2003 and allows resources to be shared between Active Directory forests.
- Improved Intersite Topology Generation (ISTG) :- ISTG is the process used to initiate the creation and management of the replication topology between sites. In Windows 2000, this feature was limited by the number of sites in the forest. IN Windows Server 2003, this feature scales to allow a greater number of sites.
The Windows Server 2003 forest functional level assumes that all domains have been raised to Windows Server 2003 before the forest is raised. All new features and enhancements become available. However, note that all new domain controllers introduced into the domain must be installed as a Windows Server 2003 product.
The highest available forest functional level is Windows Server 2008. In Active Directory, the Windows Server 2008 functional level does not unlock any new functionality within Active Directory. Its primary purpose is to ensure that once the forest functional level has been raised to Windows Server 2008, any new child domains that are added to the forest will automatically be created at the Windows Server 2008 domain functional level. This ensures that all new child domains have immediate access to the advanced functionality of the Windows Server 2008 domain function level, as well as preventing any down-level domain controllers from being added to the forest.
If you want to raise the forest functional level then use the following guideline:
- To raise the functional level of a forest, you must be logged on as a member of the Enterprise Admins group.
- The functional level of a forest can be raised only by connecting to the DC that holds the Schema Master role. This server is the authority for all schema changes.
- All domain controllers in the entire forest must be running an operating system supported by the targeted forest functional level.
- Raising the forest functional level to the highest level, Windows Server 2008, requires that all domains within the forest be at the Windows Server 2008 functional level.
- During a forest functional level advancement, all domains will automatically be raised to support the new forest function level.
- Raising the forest functional level is an irreversible procedure.
Different Forest Functional Level Summary
Below is the short summary of forest functional levels.
FOREST FUNCTIONAL LEVELS
SUPPORTED OPERATED SYSTEMS
WINDOWS SERVER 2003 FEATURES
|Windows 2000||Windows 2000||Install from Media|
|Windows Server 2003||Universal group caching|
|Windows Server 2008||Application Directory partitions|
|Enhanced user interface|
|Windows Server 2003||Windows Server 2003||All Windows 2000 functionality and the following:|
|Windows Server 2008||Linked-value replication|
|Improved ISTG functionality|
|User objects can be converted to inetOrgPerson objects|
|Schema modifications to attributes and classes|
|Can create instance of Dynamic|
|Ausiliary class objects called dynamic Objects|
|All new domains will be created at the Windows Server 2003 domain functional level|
|Windows Server 2008||Windows Server 2008||All new domains will be created at the Windows Server 2008 domain functional level|