Is Microsoft working on a new Domain and Forest Functional Level after 7 years?

Marcin Chwała
5. September 2023
Reading time: 1 min
Is Microsoft working on a new Domain and Forest Functional Level after 7 years?

Active Directory (AD) was first released in Windows 2000 Server edition – a bit over 20 years ago. It is a foundation of countless IT infrastructures based on Windows Server operating systems.

One of the concepts in AD is the Forest Functional Level (FFL) and Domain Functional Level (DFL). In short, functional levels determine available capabilities. With every new release of Windows Server until Windows Server 2016, improvements and new features were added to AD FFL & DFL. However, Windows Server 2019 and Windows Server 2022 – if promoted to Domain Controllers, offer maximum FDL & DFL equal to Windows Server 2016.

It was assumed that since Microsoft is heavily investing in its cloud platform – Azure, the on-premises solutions might not get any new significant features.

Let’s check that on Windows Server 2022. During installation of AD Domain Services (ADDS), we are offered to choose FFL & DFL. On Below screenshot, the maximum what we can choose from is version 2016 for both options.

Windows Server 2022 dashboard
Microsoft 2022 dashboard

When ADDS role installation is completed on Windows Server 2022, we are welcomed with 2016 functional level.

Microsoft 2022 ADDS

We cannot raise the functional level anymore; the message says for both domain and forest that we are on the maximum level.

Microsoft 2022 ADDS
 class=

Let’s try the same but…

Now let’s try the same on the latest build of Windows Server Insider Preview (build 25941).

We have the system ready – when trying to install the ADDS role, we can similarly choose forest and domain functional level. And to our surprise, the maximum forest and domain functional level we can choose is equal to Windows Server 2025 – interestingly, official Microsoft documentation does not mention anything about it.

Windows Server 2025
Windows Server 2025

Promotion to domain controller runs smoothly and upon completion, we are welcomed with Windows Server 2025 forest and domain functional level.

Windows Server 2025
Windows Server 2025

For both domain controllers, we can also check schema version (schema is a framework that defines structure of objects).

Windows Server 2016 has schema version equal to 87, both Windows Server 2019 & 2022 have schema version equal to 88, while a domain controller running on insider preview version of Windows Server, has schema version equal to 90. Official documentation does not mention anything about it, however, it describes final GA releases, not insider previews, so I believe this is normal.

Windows Server 2016 schema

Another test was still on Windows Server 2022 with FFL&DFL set to Windows Server 2016. After that, I installed Windows Server Insider Preview, and joined to existing domain, promoted to domain controller – that part went well.

Windows Server 2022 with FFL&DFL set to Windows Server 2016

Let’s now check all FSMO roles placement and try to move them from existing system running on Windows Server 2022 to Windows Server Insider Preview version.

Windows Server 2022 holds all FSMO roles.

Windows Server 2022 holds all FSMO roles

Windows Server Insider Preview will have all FSMO roles transferred to

Windows Server Insider Preview

FSMO roles are successfully transferred to Windows Server Insider Preview, as confirmed on below pictures taken from two domain controllers.

Windows Server Insider Preview

Windows Server 2022 which was FSMO roles holder, before transferring them to another server.

Windows Server 2022 which was FSMO

The FSMO roles transfer has been successful. Right now, we cannot raise the functional level, as we have the DC running on Windows Server 2022, which does not support raising the domain/forest functional level to higher one.

Windows Server 2022

We will decommission it for the time being and raise the level from Windows Server 2016 to Windows Server 2025 on Windows Server Insider Preview version.

Below shows Windows Server Insider Preview version just before raising the functional level:

Windows Server Insider Preview version

And after raising forest functional level, which also automatically raised domain functional level:

Windows Server Insider Preview version

Summary

The above exercises prove that the new forest and domain functional levels are in place and working. As of today (05-Sep-2023), no official documentation mentions this feature upgrade, and its potential benefits. Hopefully, this will change over time and Microsoft will shed some more light on it.

Please also bear in mind that this is an Insider Preview version of Windows Server, and it is subject to change, features present in this build do not necessarily have to be finalized and shipped with GA version.

Stay tuned!