Effects on features while rolling back FFL & DFL

Biswajeet Kumar 121 Reputation points
2021-02-04T05:37:19.933+00:00

Hi,

When we raise the FFL/DFL there will be new features/attributes added suppose from 2012r2 to 2016. So what will happen to those features/attributes when we roll back to 2012r2 again using PowerShell.

Thanks

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,360 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Hannah Xiong 6,276 Reputation points
    2021-02-04T08:01:10.06+00:00

    Hello,

    Thank you so much for posting here.

    We cannot lower the domain and forest functional level after they have been raised. Raising the domain and forest functional levels are one-way operations that cannot be reversed. In the event that you need to revert to a lower functional level, you need to rebuild the domain or forest or restore it from a backup.

    For more information, we could refer to:

    https://learn.microsoft.com/en-us/archive/blogs/askds/what-is-the-impact-of-upgrading-the-domain-or-forest-functional-level

    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc738038(v=ws.10)?redirectedfrom=MSDN

    For more information, please feel free to contact us.

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Hannah Xiong 6,276 Reputation points
    2021-02-05T02:49:40.653+00:00

    Hello,

    Thank you so much for your kindly reply.

    So sorry for the previous reply.

    With versions of Windows Server that are earlier than Windows Server 2008 R2, we cannot roll back or lower a functional level under any circumstances. If you have to revert to a lower functional level with a version of Windows Server that is earlier than Windows Server 2008 R2, we must rebuild the domain or forest or restore it from a backup copy.

    After you set the domain functional level to a certain value, you cannot roll back or lower the domain functional level, with the following exceptions:

    When you raise the domain functional level to Windows Server 2016 and if the forest functional level is Windows Server 2012 or lower, you have the option of rolling the domain functional level back to Windows Server 2012 or Windows Server 2012 R2.

    Reference: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/upgrade-domain-controllers

    As mentioned, there will be new features added when raising the FFL/DFL. As per our understanding, once rolling back to the lower level, the new features will not be used anymore. So sorry that we do not have the environment to do the tests.

    We always recommend in-depth testing in a LAB environment before completing major upgrades or downgrades in your production environment if possible. At a minimum, ensure that we have a well-documented and fully tested forest recovery plan.

    Thank you so much for your understanding and support.

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  3. Hannah Xiong 6,276 Reputation points
    2021-02-08T06:35:40.127+00:00

    Hello,

    Thank you so much for your kindly reply.

    So sorry that I failed to find the related documentation.

    To activate the newest domain features, all the domain controllers must be running the newest Windows Server operating system version in the domain. If this requirement is met, the administrator can raise the domain functional level.

    To activate the newest forest-wide features, all the domain controllers in the forest must be running the Windows Server operating system version that corresponds to the desired forest functional level. Additionally, the current domain functional level must already be at the newest level. If these requirements are met, the administrator can raise the forest functional level.

    As per my understanding, we would have made the new features enabled if we had raised the functional level. As for the new features of different functional levels, we could refer to:
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

    Thank you so much for your understanding and support.

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.