2

At our main site we are running at 2012R2 (forest/domain) functional level and we currently have migrated our mailboxes to Office 365 using an exchange hybrid configuration with ADFS and Dirsync.

We are actually planning to deploy RODCs in some of our remote sites on servers running 2008R2. This force us to rollback AD functionnal levels to 2008R2.

Do you think if doing so would cause problems with Office365/ADFS/DirSync beside loosing Workplace Join in ADFS?

BastianW
  • 2,848
  • 4
  • 19
  • 34
Maxwell
  • 5,026
  • 1
  • 25
  • 31
  • Why not deploy Windows Server 2012 R2 RODC's in the remote sites? – joeqwerty Feb 05 '15 at 16:06
  • That's what we do when replacing servers but there are +40 remote sites and we're willing to deploy RODC as fast as possible, thus i was considering as an option rolling back functionnal levels to achieve consistency faster among all of our remote sites. – Maxwell Feb 06 '15 at 13:43

1 Answers1

0

Workplace join (WPJ) does not require a specific forest functional level(FFL). It requires the correct schema extensions and subsequent AD containers only. So you wont lose WPJ by rolling back FFL. Similarly AD FS, Dirsync etc do not depend on a DFL/FFL.

Therefore, I have no reason to believe this DFL/FFL rollback would cause problems. But I have not tested this.

maweeras
  • 2,674
  • 2
  • 16
  • 23