The primary issues that we have dealt with in our (very) large distributed environment deploying 2008 DCs and preparing to go to 2008 R2 forest functional level mostly had to do with changes to Server 2008 itself. This TechNet page is a good place to start.
Our biggest issue was with older NAS devices and in-house apps. It's discussed briefly in the article I linked.
Clients that support only the Data
Encryption Standard (DES) will not be
able to establish a secure channel
with Netlogon on domain controllers
that run Windows Server 2008 or
Windows Server 2008 R2. As a result,
unsecure domain join operations will
fail, including operations that are
performed by Windows Deployment
Services and the Active Directory
Migration Tool (ADMT). In addition,
non-Microsoft Server Message Block
(SMB) and network-attached storage
(NAS) devices that do not support MD5
will also fail to establish a secure
channel.
...
If you must support DES, enable
support for Windows NT 4.0
cryptography. Open the Group Policy
Management snap-in, click Computer
Configuration, click Administrative
Templates, click System, and then
click Netlogon. Right-click Allow
cryptography algorithms compatible
with Windows NT 4.0, click Properties,
click Enabled, and then click OK.
Making these changes has some significant security trade-offs, so it's probably best to remediate where you can.
Also, if you have a fairly complex network design the changes to the RPC dynamic ports used by 2008 may cause you some grief, but that is mostly fixed with updated firewall rules.
There seems to be some debate as to whether Exchange 2003 SP2 is really supported in a 2008 R2 forest, but according to Microsoft's Exchange Server Supportability Matrix it is. I'm not really an Exchange guy, so I can't help you much there, but my Exchange guys are asking us to wait until they can deploy Exchange 2010 to avoid any potential issues.
Starting with Windows Server 2008, the goal is to allow raising the DFL/FFL without auto enabling any features. All of the features introduced in Windows 2008 based AD can be used by merely raising DFL. This means admins can raise DFL/FFL knowing they are only restricting the OS choice of newer DCs and preventing any downlevel DC been introduced.
So once you raise your DFL it wont auto enable anything. You can go ahead and start choosing when you want to use features like fine grained password policies and dfsr for sysvol replication. Other features such as restartable AD, RODC, AD Powershell etc are not dependent on DFL/FFL raises so you can use them already. See following links for details
2008 - http://technet.microsoft.com/en-us/library/cc753516(WS.10).aspx
2008 R2 - http://technet.microsoft.com/en-us/library/dd378796(WS.10).aspx
also see http://blogs.technet.com/askds as they have details on usage of these features.
Best Answer
Per Microsoft, this is not possible. From TechNet: Understanding Active Directory Domain Services (AD DS) Functional Levels:
Forest takes precedence as the minimum functional level of each domain in the forest: