The Road to Exchange 2010: Active Directory and Exchange Part 2
In part 1 of this series, I discussed the requirements of Exchange Mode, Domain Controllers and the Schema Master in combination of various versions of Exchange.
In this post I will discuss the placement of Global Catalogs (GC), the Domain Functional Level (DFL) and Forest Functional level (FFL) required. In part 3 I will discuss the compatibility of Exchange with Windows Server 2008 R2.
The Global Catalog is a specialized option for any Domain Controller, it contains a copy of all important attributes of objects of all domains across the whole forest. Placement is important especially with multiple domains within the same Forest. Any Domain Controller can be activated as Global Catalog and when placed properly it can speed up AD queries and logon times significantly.
Exchange also relies on the Global Catalog, but only since Exchange 2007 there are minimum requirements to be met. This version requires at least Windows 2003 with Service Pack 1 in any Active Directory site where there is an Exchange 2007 server. It can co-exist with older versions (within a site), but you will have to exclude them. According to the System Requirements of Exchange 2010, it will have almost the same minimum requirement: Windows Server 2003 with Service Pack 2. The difference with Exchange 2007 is that 2010 cannot co-exist with lower versions of Windows Domain Controllers. I consider this a low impact difference from the GC requirements of Exchange 2007 as it those DC’s already should be upgraded to SP2 or beter yet replaced by 2008 DC’s, in my opinion.
Exchange 2000 has no specific minimum requirement. But as it cannot communicate with Windows 2008 Domain Controllers and thus Global Catalogs, this will mean you will require GC’s with Windows 2000 or 2003 (any patch level) per site and have to hard link to them (this is not mentioned in the Supportability Matrix). Exchange 2003 is the only one which can communicate with all versions of Domain Controllers and thus Global Catalog (from 2000 to 2008).
The resulting table actually doesn’t differ much from the Domain Controller table:
The green v in a cell means that Exchange can communicate with a domain exclusively with whose versions or mixed with other versions that have a green v. A red x indicates that it cannot communicate when this version is present within the site, domain or forest. The yellow – represents that it cannot communicate with that version, but it can operate as long as the minimum Domain Controller version requirement has been met (within a site or domain).
Domain Functional Level
The Domain Functional Level (DFL) determines the Active Directory Features of a domain. Roughly with each major Server Operating System there is also a new DFL and with it new features and enhanced security. You can however have a lower DFL then the OS level. As of Windows Server 2000, there are the following DFL’s:
- Windows 2000 Mixed
- Windows 2000 Native
- Windows Server 2003 Interim
- Windows Server 2003 (sometimes Native is added)
- Windows Server 2008
Note: The newest DFL of Windows Server 2008 R2 will be discussed separately.
The Windows 2000 Mixed and Windows 2003 Interim are the only ones which support Windows NT Domain Controllers. Each Native mode requires that all domain controllers in that domain are at the minimum OS level, meaning that for instance DFL Windows 2000 Native requires all DC’s to be at least Windows 2000.
And again Exchange 2007 required the DFL to be minimum of Windows 2000 Native (also excluding Windows 2003 Interim), which meant that you could not transition to Exchange 2007 when there were NT Domain Controllers in the Domain. Note that although the DFL could be 2000 Native, you still had to have a minimum of one 2003 SP1 Domain Controller (for the Global Catalog and of course Schema Master). For the 2008 DFL you will need to have Exchange 2007 SP1 or higher. Exchange 2010 obviously can work at the 2008 DFL (like duh!).
So, what about Exchange 2000? As it cannot operate in a domain with exclusive Windows 2008 Domain Controllers, we can deduce it will not operate at the 2008 DFL. Exchange 2003 on the other hand can operate with exclusive Windows 2008 Domain Controllers but it still cannot operate at 2008 DFL.
To summarize: the Domain Functional Levels of 2000 Native and 2003 (excluding 2000 Mixed and 2003 Interim) are the DFL’s compatible with all Exchange servers from 2000 to 2010. The 2008 DFL is only supported from Exchange 2007 SP1 and higher. I’ve made a table:
Forest Functional Level
The Forest Functional Level is determining the security and features of your whole forest containing all your domains. The following Forest Functional Levels FFL) are possible:
- Windows 2000
- Windows 2003 Interim
- Windows 2003
- Windows 2008
Note: The newest FFL of Windows Server 2008 R2 will be discussed separately.
The Windows 2000 FFL can harbor all Domain Controllers from NT upwards. As there are no requirements for Exchange, you could theoretically have a multi domain forest with Windows NT or Windows 2000 and still run Exchange 2007 in a separate domain within the same forest as long other minimum requirements are met (Schema Master and DFL). However for Exchange 2010 a minimum of a 2003 Forest Functional Level is required, as specified in the System Requirements.
The 2003 Interim is for transitions from NT domains directly to 2003 Domain Controllers and no support for Windows 2000. As this would also imply Exchange transitions from Exchange 5.5, this would be a useless situation for Exchange 2007 and 2010 as they no longer support direct transitions from 5.5.
The Windows 2003 FFL, supports only 2003 Domain Controllers and only Domains at the 2003 DFL. All Exchange versions from 2000 to 2010 can support this level. With this level the added bonus of a Forest Trust is possible, so a resource forest could be implemented separating you Exchange organization from your Active Directory with active user accounts.
The 2008 FFL is newer than any Exchange version currently released (excluding Exchange 2010 in any beta, RC and RTM form), so this will probably result in some incompatibilities. And indeed, Exchange 2000 and 2003 cannot function in a 2008 FFL. Although Exchange 2007 RTM cannot be installed on a Windows 2008 server, it does operate in a 2008 FFL. The matrix for the FFL will look like:
This concludes Part 2. In Part 3 we will discuss Windows 2008 R2 and Exchange.