Make sure forest is healthy wrt replication and all DC event logs are clean.
Review the following Articles:
How to raise Domain and Forest functional levels in Windows Server 2003
Domain and Forest functionality
Enabling Advanced Windows Server 2003 Active Directory Features
What Are Active Directory Functional Levels?
How Active Directory Functional Levels Work
Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain
Disabling inbound replication on some DCs
Raising the domain and forest functional levels of an Active directory Forest is an irreversible process and a back out plan is considered best practice. KB 322692 says inter alia :
“Prepare a back out plan that includes of one of the following:
• Disconnect at least two domain controllers from each domain in the forest.
-or-
• Create a system state backup of at least two domain controllers from each domain in the forest.
Before the back out plan can be used, all domain controllers in the forest must be decommissioned before the recovery process. Note that level increases cannot be authoritatively restored. So all domain controllers that are replicated in the level increase must be decommissioned.
After all the previous domain controllers are decommissioned, bring up the disconnected domain controllers or restore the domain controllers from backup. Remove the metadata from all the other domain controllers, and then re-promote them. This is a non-trivial process and must be avoided.”
Trust me, you don't want to think about a forest recovery if your environment is large (well, plan for it. Then you'll see what I mean!).
If you decide to disable inbound replication on any 2 DCs, make sure none of them is a site bridgehead server. Or you’ll be waiting all night for replication to complete. Obviously, I hear you say, but make sure you check.
To confirm that the change has replicated to all DCs, use the following commands:
Adfind -sc dcmodes Show modes of all DCs in forest from config
Adfind -sc dcmodes:csv Same as above but CSV output
And
Adfind -sc forestmodes Show modes from NC partition objects for forest
Adfind -sc forestmodes:csv Same as above but CSV output
Before the functional levels were raised, the Mailbox Enable User system policy change for the purportedSearch attribute was run in using an ldif file.
To use Adfind to confirm the change has replicated, use:
Adfind -exch -f "(objectcategory=msexchsystempolicy)" purportedsearch
Most issues to do with a FFL upgrade have to do with LVR. And if the precautions are taken all can be avoided.
There are similar issues that may occur with third party applications with the upgrade to 2003 Forest Functional Level. If an application does not know to expect all the other attributes of an object to replicate before the LVR attributes are filled in then it may try to populate the value itself, or it may have other difficulties. These issues are very rare, but verify your critical applications in a lab before upgrading in production.
There is an issue with the version of ADC in Exchange when raising the Forest Functional level. If the Exchange Org is in mixed mode, update the ADC version to Exchange 2003 version of ADC before raising the functional level:
http://support.microsoft.com/default.aspx?scid=kb;en-us;825916
http://support.microsoft.com/default.aspx?scid=kb;en-us;823601
The Recipient Update Service does not update objects correctly when Exchange 2000 Server is running in a Windows Server 2003 forest
http://support.microsoft.com/kb/873059
Other Possible issues:
The most common issue that our MS DSE informed us was found with the 2003 FFL level upgrade is a failure due to old Windows 2000 NTDS settings in lost and found or that a 2000 DC that still exists in the Forest.
This is the actual event:
Event Type: Warning
Event Source: NTDS General
Event Category: Directory Access
Event ID: 1723
Date: 6/4/2005
Time: 7:39:52 AM
User: LAB1\administrator
Computer: LABDC1
Description:
Active Directory failed to raise the functional level of the domain or forest
because the following domain controller is at a lower functional level.
Object (forest or domain):
DC=lab,DC=com
NTDS Settings object of domain controller:
CN=NTDS Settings,CN=LostAndFoundConfig,CN=Configuration,DC=lab,DC=com
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
The NTDS Settings object from beneath the LostAndFoundConfig container was deleted and this resolved the issue.