Pre-requisites
- The user account upgrading Domain Functional Level should need to be a part of Domain Admins
- The user account upgrading Forest Functional Level should need to be a part of Enterprise Admins
- All the Domain Controllers should have the Operating System same or later than the Domain Functional Level you are trying to upgrade to. For E.g: If you want to upgrade your Domain Functional Level to 2012 R2, All Domain Controllers should be either Windows Server 2012 R2 or higher.
- Once the Forest and Domain Functional Level is upgraded, there is no way to revert it back to previous version unless you have options to run Forest Recovery. Please note that this is a very tedious steps to revert back the Domain and Functional Functional Level, so plan out this activity thoroughly. I will write about this in more details in future posts
- There is no dependancy on Workstation or Domain Member Server Operating Systems on Domain or Forest Functional Level. Only Domain Controllers OS matters
High Level Steps
- Upgrade all your Domain Controllers Operating Systems to support the Domain Functional Level
- Upgrade the Domain Functional Level
- Upgrade the Forest Functional Level
Notes
- There are various new features enabled in each of the Domain and Forest Functional Level upgrade. Please refer to http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(WS.10).aspx for more details on it
Challenges
- Even though you have made a list of all Active Domain Controllers and they meet the requirement of minimum OS Level, there could be few Domain Controllers which may have been demoted\decommissioned in the past and may not have proper metadata cleanup done which poses an obstacle while upgrading the Functional Level. You may receive below errors while trying to upgrade. Make sure all the stale Domain Controller entries are washed out before upgrading the Functional Level.
"You Cannot raise the domain functional level because this domain includes Active Directory Domain Controllers that are not running the appropriate version of Windows"
- Save the output file to note the Domain Controllers still below the required version of Windows Operating System. You may see a past demoted\decommissioned DC listed in the output and you may see this error listed against the Domain Controller
Unknown. The computer object may be damaged or missing
- Try clearing the Metadata of the Domain Controller to proceed with upgrading Domain & Forest Functional Level
Steps to upgrade Domain Functional Level
There are 2 method to upgrade DFL
Method 1: Using Active Directory Users and Computers
- Logon to Domain Controller using an account with Domain Admin privileges
- Go to Start -> Windows Administrative Tools -> Open Active Directory Users and Computers
- Right Click on your domain name on the left
- Click on Raise Domain Functional Level
Method 2: Using Active Directory Domains and Trusts
- Logon to Domain Controller using an account with Domain Admin privileges
- Go to Start -> Windows Administrative Tools -> Open Active Directory Domains and Trusts
- Right Click on your domain name on the left
- Click on Raise Domain Functional Level
Upgrade Forest Functional Level
- Logon to Domain Controller using an account with Enterprise Admin privileges
- Go to Start -> Windows Administrative Tools -> Open Active Directory Domains and Trusts
- Right Click on "Active Directory Domains and Trusts" on the left
- Click on Raise Forest Functional Level
If you have any questions or you need to add anything, please leave a comment.
Like my facebook page https://facebook.com/wintelspot
java online course
ReplyDeletesalesforce online course
hadoop online course
Data Science online course