One of the concepts in AD is the Forest Functional Level (FFL) and Domain Functional Level (DFL). In short, functional levels determine available capabilities. With every new release of Windows Server until Windows Server 2016, improvements and new features were added to AD FFL & DFL. However, Windows Server 2019 and Windows Server 2022 – if promoted to Domain Controllers, offer maximum FDL & DFL equal to Windows Server 2016.
It was assumed that since Microsoft is heavily investing in its cloud platform – Azure, the on-premises solutions might not get any new significant features.
Let’s check that on Windows Server 2022. During installation of AD Domain Services (ADDS), we are offered to choose FFL & DFL. On Below screenshot, the maximum what we can choose from is version 2016 for both options.
When ADDS role installation is completed on Windows Server 2022, we are welcomed with 2016 functional level.
We cannot raise the functional level anymore; the message says for both domain and forest that we are on the maximum level.
Now let’s try the same on the latest build of Windows Server Insider Preview (build 25941).
We have the system ready – when trying to install the ADDS role, we can similarly choose forest and domain functional level. And to our surprise, the maximum forest and domain functional level we can choose is equal to Windows Server 2025 – interestingly, official Microsoft documentation does not mention anything about it.
Promotion to domain controller runs smoothly and upon completion, we are welcomed with Windows Server 2025 forest and domain functional level.
For both domain controllers, we can also check schema version (schema is a framework that defines structure of objects).
Windows Server 2016 has schema version equal to 87, both Windows Server 2019 & 2022 have schema version equal to 88, while a domain controller running on insider preview version of Windows Server, has schema version equal to 90. Official documentation does not mention anything about it, however, it describes final GA releases, not insider previews, so I believe this is normal.
Another test was still on Windows Server 2022 with FFL&DFL set to Windows Server 2016. After that, I installed Windows Server Insider Preview, and joined to existing domain, promoted to domain controller – that part went well.
Let’s now check all FSMO roles placement and try to move them from existing system running on Windows Server 2022 to Windows Server Insider Preview version.
Windows Server 2022 holds all FSMO roles.
Windows Server Insider Preview will have all FSMO roles transferred to
FSMO roles are successfully transferred to Windows Server Insider Preview, as confirmed on below pictures taken from two domain controllers.
Windows Server 2022 which was FSMO roles holder, before transferring them to another server.
The FSMO roles transfer has been successful. Right now, we cannot raise the functional level, as we have the DC running on Windows Server 2022, which does not support raising the domain/forest functional level to higher one.
We will decommission it for the time being and raise the level from Windows Server 2016 to Windows Server 2025 on Windows Server Insider Preview version.
Below shows Windows Server Insider Preview version just before raising the functional level:
And after raising forest functional level, which also automatically raised domain functional level:
The above exercises prove that the new forest and domain functional levels are in place and working. As of today (05-Sep-2023), no official documentation mentions this feature upgrade, and its potential benefits. Hopefully, this will change over time and Microsoft will shed some more light on it.
Please also bear in mind that this is an Insider Preview version of Windows Server, and it is subject to change, features present in this build do not necessarily have to be finalized and shipped with GA version.
Stay tuned!