Functional levels in AD are stored in an attribute named msDS-Behavior-Version. Depending on the object the attribute is attached to, it returns the functional level of a domain controller’s forest, domain, or capabilities.
This information can be used in a script, for example, to verify if the forest or domain is in a specific mode or if you want to make sure there are no Windows 2003 controllers.
Note that when the value is missing, 0 is assumed.
Forest Functional Level
For the forest, you can determine the functional level by inspecting the msDS-Behavior-Version property of cn=partitions,cn=configuration. For example, to find out the current forest functional level using PowerShell:
([ADSI]"LDAP://cn=partitions,cn=configuration,dc=contoso,dc=local").get("MSDS-Behavior-Version")
Domain Functional Level
For the domain, you can determine the functional level by inspecting the msDS-Behavior-Version property of the domain context. For example, to find out the current domain functional level:
([ADSI]"LDAP://dc=contoso,dc=local").get("MSDS-Behavior-Version")
Domain Controllers
To determine a domain controller’s (maximum) capabilities, inspect the msDS-Behavior-Version property of cn=NTDS Settings,cn=servers,cn=sites,cn=configuration. The “NTDS Settings” class is NTDSDSA, which you can use to query the value for all domain controllers (sample script here).
Levels
| msDS-Behavior-Version | Forest | Domain | Domain Controller |
|---|---|---|---|
| 0 | 2000 | 2000 Mixed / Native | 2000 |
| 1 | 2003 Interim | 2003 Interim | N/A |
| 2 | 2003 | 2003 | 2003 |
| 3 | 2008 | 2008 | 2008 |
| 4 | 2008 R2 | 2008 R2 | 2008 R2 |
| 5 | 2012 | 2012 | 2012 |
| 6 | 2012 R2 | 2012 R2 | 2012 R2 |
| 7 | 2016 | 2016 | 2016 |
| 10 | 2025 | 2025 | 2025 |
EighTwOne (821) 
Pingback: Retrieving DCs functional levels | EighTwOne (821)
Pingback: Active Directory Schema Version | EighTwOne (821)
Pingback: Windows Server 2012 RC Version and Levels | EighTwOne (821)