How to raise the Active Directory Domain and Forest Functional Levels

Introduction

Learn how to raise both the Domain Functional Level and the Forest Functional Level in an Active Directory Domain. In this example, I raise the Domain Functional Level from Windows Server 2012 R2 to Windows Server 2016, and then raise the Domain Functional Level from Windows Server 2012 R2 to Windows Server 2016.

Video

Prerequisites

• All Domain Controllers need to be running at least Windows Server 2016. Demote any Domain Controllers that are not running atleast this verion of Windows Server. You can run the following PowerShell command to list all Domain Controllers and their Operating System version:

  Get-ADDomainController -Filter * | Select-Object Name, OperatingSystem
  

• The user account upgrading the Functional Level is a member of the Domain Admins security group.
• Check there are no replication errors between any Domain Controllers.

Check Domain Functional Level

To check the existing Domain Functional Level, you can run the following PowerShell command on any Domain Controller.

Get-ADDomain | fl Name, DomainMode

Check Forest Functional Level

To check the existing Forest Functional Level, you can run the following PowerShell command on any Domain Controller.

Get-ADForest | fl Name, ForestMode

Raise Domain Functional Level (PowerShell)

To raise the Domain Functional Level using PowerShell:

1. Run PowerShell as Administrator on a Domain Controller.

2. Run the following PowerShell command.

   Set-ADDomainMode -identity ad.dannymoran.com -DomainMode Windows2016Domain
   

3. Press A to confirm yes to all.

4. Run the following command to check it’s now showing the correct Domain Functional level.

   Get-ADDomain | fl Name, DomainMode
   

Raise Forest Functional Level (PowerShell)

WARNING: The Forest Functional Level cannot be higher than the Domain Functional Level. You must upgrade the Domain Functional Level first.

To raise the Forest Functional Level using PowerShell:

1. Run PowerShell as Administrator on a Domain Controller.

2. Run the following PowerShell command.

   Set-ADForestMode -identity ad.dannymoran.com -ForestMode Windows2016Forest
   

3. Press A to confirm yes to all.

4. Run the following command to check it’s now showing the correct Domain Functional level.

   Get-ADForest | fl Name, ForestMode
   

Raise Domain Functional Level (GUI)

1. Open Active Directory Domains and Trusts.

2. Right-click your local Domain name and press Raise Domain Functional level.

3. Select Windows Server 2016, and then press Raise.

4. Agree to the warning by pressing OK.

5. Press OK on the popup confirming the Domain Functional level has been raised successfully.

6. If you have multiple Domain Controllers, it might take some time for this change to replicate to all other Domain Controllers.

7. Run the following PowerShell command to check it’s now showing the correct Domain Functional level.

   Get-ADDomain | fl Name, DomainMode
   

Raise Forest Functional Level (GUI)

WARNING: The Forest Functional Level cannot be higher than the Domain Functional Level. You must upgrade the Domain Functional Level first.

1. Open Active Directory Domain and Trusts.

2. Right-click Active Directory Domains and Trusts and select Raise Forest Functionalal Level.

3. Select Windows Server 2016, and then press Raise.

4. Agree to the warning by pressing OK.

5. Press OK on the popup confirming the Forest Functional level has been raised successfully.

6. If you have multiple Domain Controllers, it might take some time for this change to replicate to all other Domain Controllers.

7. Run the following PowerShell command to check it’s now showing the correct Forest Functional level.

   Get-ADForest | fl Name, ForestMode