Section 4.4: Domain Functional Levels
The Windows Server 2003 Active Directory supports three domain functional levels. Each level provides varying compatibility with pre-Windows Server 2003 domains. The three functional levels are Windows 2000 Mixed; Windows 2000 Native and Windows Server 2003.
4.4.1: Windows 2000 Mixed Domain Functional Level
Windows 2000 mixed domain functional level is the default functional level in Windows Server 2003 domains and provides compatibility with downlevel, i.e., Windows NT 4.0, domain controllers, as well as Windows 2000 domain controllers. In the Windows 2000 mixed domain functional level, a Windows Server 2003 domain controller is designated as the PDC Emulator. The PDC Emulator uses LanMan Replication to replicate selected Active Directory updates to downlevel domain controllers.
In this domain functional level, a number of features in Active Directory are disabled because of incompatibility with downlevel domain controllers. The disabled features include: Universal groups; Global group nesting; local access to Domain Local groups; and the conversion of distribution groups to security groups and vice versa. In addition, multimaster replication and the retention of SID Histories for migrated security principals are not supported.
4.4.2: Windows 2000 Native Domain Functional Level
Windows 2000 native domain functional level provides compatibility with Windows 2000 domain controllers. This domain functional level thus does not support Windows NT 4.0 domain controllers and only Windows 2000 and Windows Server 2003 domain controllers can exist in domains that are raised to this domain level. Domains at the Windows 2000 native domain functional level can use universal groups, multimaster replication, SID histories, and they can convert between distribution and security groups. However, domains at this functional level do not support domain renaming and forest trusts, which are new features of Windows 2003 domain controllers.
4.4.3: Windows Server 2003 Domain Functional Level
Windows Server 2003 domain functional level does not provide compatibility with any pre-Windows Server 2003 domain controllers. A domain at the Windows Server 2003 domain functional level cannot contain any Windows 2000 or Windows NT 4.0 domain controllers. At this functional level, all Active Directory features are supported, including domain renaming and forest trusts.
Note: You can raise a domain functional level but you cannot lower it. Thus, once a domain is raised to the Windows 2000 native domain functional level, you cannot return it to the Windows 2000 mixed domain functional level and once a domain is raised to the Windows Server 2003 domain functional level, you cannot return it to the Windows 2000 native domain functional level.
You can use the Active Directory Users and Computers console to raise a domain's domain functional level by right-clicking the top of the tree and selecting raise domain functional level from the pop-up menu.