Do you know that Microsoft will enforce all privileged Azure AD accounts to use Multi Factor Authentication in march?
It was announced in june 2018. Be prepared for that: Global administrator, SharePoint administrator, Exchange administrator, Conditional access administrator, Security administrator are concerned
Regularly customers ask "why should I raise ADDS functional level"?
Here are the anwsers
As it regularly happens when you stop a test platform for a long time, computer accounts password expire and Active Directory controllers do not replicate anymore (well known item since Windows 2000 Active Directory).
When you try to manually replicate using dssite.msc, you get the error message "2148074274 The target principal name is incorrect".
When a user opens an Active Directory session with his smartcard, it happens that some applications do not support smartcard logon, but needs classical user/password login.