This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 88%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi,
If I raise my forest functional level and domain functional level to 2016 would that cause any issues with servers and clients in the domain that is Windows 7, Windows Server 2003 and 2008 ?
As I understand these level updates only impact domain controllers, and all the domain controllers are Windows Server 2016
Regards
Andreas
Should not present any issues at current time. For the 2008 / 7 members (independent of FFL) it would be less risky if the extended updates for 2008 /7 are applied. 2003 at present should not be an issue but no guarantees going forward.
--please don't forget to Accept as answer if the reply is helpful--
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Hi,
FFL and DFL impact only domain controllers by enabling a additional features and define the lowest version of operating system supported by the domain and the forest.
So the members machine windows 2003/2008/7 should still able to authenticate and access on all services provided by a domain controller in a domain with FFL and DFL Windows 2016. But it's time to think to upgrade them to supported version.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 62%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDZ%3C/text%3E%3C/svg%3E)
Hello @Andreas ,
Thank you for posting here.
Here are the answer for your references.
Q: If I raise my forest functional level and domain functional level to 2016 would that cause any issues with servers and clients in the domain that is Windows 7, Windows Server 2003 and 2008 ?
A: From the link below (Forest and Domain Functional Levels), we can see:
Functional levels determine the available Active Directory Domain Services (AD DS) domain or forest capabilities. They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. However, functional levels do not affect which operating systems you can run on workstations and member servers that are joined to the domain or forest.
Meanwhile, the highest domain/forest functional level is Windows server 2016.There should be no issue with the servers and clients in the domain that are Windows 7, Windows Server 2003 and 2008.
As a kind of reminder, perhaps the applications on workstations or member servers (such as Windows 7, Windows Server 2003 and 2008) may be impacted by forest functional level and/or the operating system version of domain controllers.
For example:
Whether specific Exchange version can be supported, it depends on server operating system version installed with Exchange, Exchange version and Active Directory environments (including DC operating system version and AD forest functional level).
Exchange Server supportability matrix
https://learn.microsoft.com/en-us/Exchange/plan-and-deploy/supportability-matrix?view=exchserver-2019
The link below can help you understand the issue of domain /forest functional level and operating system version of domain controller better.
Forest and Domain Functional Levels
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels#windows-server-2019
Hope the information above is helpful.
Best Regards,
Daisy Zhou
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 61%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHS%3C/text%3E%3C/svg%3E)
Hi
It seems that the conversation is from last year. I have same current situation now. Currently we have DC2016 which is 2012R2 Domain and forest functional level and we want to raise it to highest functional level of 2016.
I understand that XP and 2003 are no longer supported but i have same question. Is 2016 DFL and FFL can still support XP and 2003 member server ? are they can still authenticate to the domain if we have raise it to 2016 DFL & FFL ?