Domain Functional Level 2016 Prerequisites

All support for environments with windows server 2003 domain controllers has ended.

Domain functional level 2016 prerequisites. Minimum operation system requirements windows server 2016 standard or datacenter windows server 2012 r2 standard or datacenter windows server 2012 standard or datacenter. Dcs can support automatic rolling of the ntlm and other password based secrets on a user account configured to require pki authentication. Just one block one role exchange 2016 prerequisites supported forest functional level for exchange server 2016 active directory must be at windows server 2008 forest functionality mode or higher. Furthermore the dfl dictates the lowest version of windows server that admins can use to promote new domain controllers.

Exchange 2016 cu3 added support for installing exchange 2016 onto windows server 2016 and also to have windows 2016 domain controllers dcs in the environment. There is no windows 2019 domain level. At least one windows server 2016 domain controller is required for microsoft passport for work. This article discusses raising the domain and forest functional levels that are supported by microsoft windows server 2003 based or newer domain controllers.

Windows server 2016 domain functional level features all default active directory features all features from the windows server 2012r2 domain functional level plus the following features. All user account domains and the domain to which the ad fs servers are joined must be. The confusion relates to our support of windows server 2016 with exchange server 2016. It s a shame really because many new active directory features and optional active directory features are only available when the functional level is raised.

There is a nuance with the latter. Functional level features and requirements windows server 2016 requires a windows server 2003 forest functional level. The windows 2016 domain is the highest available dfl for active directory. The blog included a statement that read domain controllers running windows server 2016 are supported provided forest functional level is windows server 2008r2 or later.

In order to be supported with windows 2016 dcs the active directory ad ds had to be at a minimum of windows 2008 r2 forest functionality level ffl. Our september 2016 release blog included a statement that is causing some confusion with customers. That is before you can add a domain controller that runs windows server 2016 to an existing active directory forest the forest functional level must be windows server 2003 or higher. When you raise the domain functional level to windows server 2016 and if the forest functional level is windows server 2012 or lower you have the option of rolling the domain functional level back to windows server 2012 or windows server 2012 r2.