Sassy Geek
Atom Feed

How to install Azure AD Connect on Server 2016

If you have tried to install and configure Azure AD Connect on Server 2016 Technical Build in Server 2016 domain, you have definitely experience en error saying that “The Active Directory forest functional level must be Windows2003Forest or higher”. 


 
This is caused by the functional level of the forest and domain being "Windows Server Technical Preview" in Server 2016 AD.  You shouldn't experience the same problem with DirSync because it can synchronize only one forest, while Azure AD Connect has the ability to synchronize multiple domains to one Azure AD. AADC isn't recognizing the forest functional level and as a result denies the installation.

If you want to test Azure AD Connect in Server 2016 lab environment you have to first lower the forest functional level, but it is not necessary to change the domain functional level. 

You can change forest level either on the Domain Controller or on any other server by installing feature “Active Directory module for PowerShell”. This feature can be installed on the same server that you install AADC, and the functional level can be change in PowerShell on the same server.

To configure this, first run the PowerShell in elevated mode and then install the “Active Directory module for PowerShell” feature:

Import-Module Servermanager
Add-WindowsFeature RSAT-AD-PowerShell

If you want to check the status use Get-WindowsFeature

Afterwards change the functional level with following commands:

Import-Module -Name ActiveDirectory
Set-ADForestMode –Identity “ania.lab” –ForestMode Windows2012R2Forest

Now you can try again to install Azure AD Connect.

 

 

More information:

https://micloud.azurewebsites.net/azure-ad-connect-fails-with-windows-server-2016-tp2-forest-functional-level/