KnowledgeBase: The Windows Server 2022 Active Directory DFL and FFL do not exist

Windows Server 2022

Just as there are no Windows Server 2019 Forest Functional Level (FFL) or Windows Server 2019 Domain Functional Level (DFL), there are no Windows Server 2022 FFL or DFL either in Microsoft Windows Server’s Active Directory Domain Services (AD DS).

 

Impact

The unavailability of the Windows Server 2022 Forest Functional Level (FFL) and Windows Server 2022 Domain Functional Level (DFL) has the following impact:

  • There are, apparently, no new features in Active Directory Domain Services in Windows Server 2019 or Windows Server 2022, that require a new Domain Functional Level.
  • There are, apparently, no new features in Active Directory Domain Services in Windows Server 2019 or Windows Server 2022, that require a new Forest Functional Level.
  • When upgrading or transitioning Active Directory from Windows Server 2016 to Windows Server 2019 or Windows Server 2022, the Domain Functional Level (DFL) and Forest Functional Level (FFL) do not have to be raised. This eliminates two steps of the process.
  • When upgrading or transitioning Active Directory from Windows Server 2012 or Windows Server 2012 R2 to Windows Server 2019 or Windows Server 2022, the Domain Functional Level (DFL) and Forest Functional Level (FFL) only need to be raised to Windows Server 2016.
  • There is no way to limit the ability for Active Directory admins (for domains in an Active Directory forest) to install Windows Server 2016-based Domain Controllers or Windows Server 2019-based Domain Controllers in an environment with Windows Server 2022-based Domain Controllers. However, since Windows Server 2012, there is a way to limit promotions of Domain Controllers altogether.

Not only are the Windows Server 2022 Forest Functional Level (FFL) and Windows Server 2022 Domain Functional Level (DFL) missing, Windows Server 2022 does not even require a schema update. Active Directory schema version 88 is the latest schema version, and it has been around since Windows Server 2019. When you promote a server to a Domain Controller, however, a Windows Server 2022 installation automatically performs any schema update you may need to become the first Windows Server 2022 Domain Controller.

 

About Active Directory Functional Levels

In previous versions of Active Directory, each Windows Server version was accompanied by a corresponding Forest Functional Level (FFL) and Domain Functional Level (DFL).

When upgrading Domain Controllers to newer versions of Windows Server or transitioning to Domain Controllers running newer versions of Windows Server, the functional levels would unlock new functionality on either the Active Directory forest or Active Directory domain level.

RAISING FUNCTIONAL LEVELS

Only when all Domain Controllers for an Active Directory domain would run the newer version of Windows Server, could an Active Directory admin raise the Domain Functional Level (DFL) to the version corresponding with the version of Windows Server.

Only when all domains for an Active Directory forest would run the newer Domain Functional Level (DFL), could an Active Directory admin raise the Forest Functional Level (FFL) to the version corresponding with the version of the domains.

LOWERING FUNCTIONAL LEVELS

Starting with the Windows Server 2008 levels, you can revert to lower Domain Functional Levels and Forest Functional Levels.

Note:
The lowest levels to return to are the Windows Server 2008 Forest Functional Level (FFL) and the Windows Server 2008 Domain Functional Level (DFL).

Note:
Only when the Active Directory Forest Functional Level (FFL) is lowered to a lower version, can any Active Directory domains be lowered to a lower version of the Active Directory Domain Functional Level (DFL).

Note:
Only when the Active Directory Recycle Bin additional features is not implemented, can the Active Directory Forest Functional Level (FFL) be lowered from the Windows Server 2008 R2 to the Windows Server 2008 Forest Functional Level (FFL).

This paints the following picture:

DFLs&FFLs2019

FURTHER READING

KnowledgeBase: The Windows Server 2019 Active Directory DFL and FFL do not exist
Preventing Domain Controller promotions, cloning and demotions
New features in AD DS in Windows Server 2012, Part 3: New Upgrade Process
How to Revert Back or Lower the Active Directory Forest and Domain Functional Levels
Forest and Domain Functional Levels

2 Responses to KnowledgeBase: The Windows Server 2022 Active Directory DFL and FFL do not exist

  1.  

    Makes me think what is FFL and DFL in Azure AD? 🙂
    And what about activating Azure AD DS, will it spin up two Windows Server 2022 domain controllers now? If, you already have Azure AD DS will they be upgraded inclusing DFL and FFL?

    • Azure AD DS was still Windows Server 2012 R2-based, last time I checked. 😉

       

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.