If you’re running a vCenter appliance with Active Directory integration you should take care about your Domain Functional Level. It is crucial to closely work together with the domain administrators team, for some vCenter versions may not support the latest level supported by Windows Server 2016.
What is the Domain Functional Level?
Functional levels determine the available Active Directory Domain Services domain capabilities. They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. Choosing a Functional Level of Windows Server 2012 implies that there can’t be any Domain Controllers prior that level (like Server 2008 R2).
Functional levels do not affect which operating systems you can run on workstations or servers that are joined to the domain.
Set the domain and forest functional levels to the highest value that your environment can support. This way, you can use as many ADS features as possible.
Here is a list of Domain Functional Levels and supported Domain Controller OS.
| Level | DC 2008 R2 | DC 2012 | DC 2012 R2 | DC 2016 |
|---|---|---|---|---|
| 2008 R2 | yes | yes | yes | yes |
| 2012 | no | yes | yes | yes |
| 2012 R2 | no | no | yes | yes |
| 2016 | no | no | no | yes |
Domain Functional Levels supported by vCenter
Find the most recent compatibility matrix on VMware KB 2071592
| Level | VC 5.5 | VC 6.0 | VC 6.5 | VC 6.7 |
|---|---|---|---|---|
| 2008 R2 | yes | yes | yes | yes |
| 2012 | yes | yes | yes | yes |
| 2012 R2 | yes(1) | yes | yes | yes |
| 2016 | no | no | no | yes(2) |
(1) Requires 5.5 U1
(2) Requires 6.7 U1
As you can see, only latest vCenter version 6.7 with Update 1 is capable to communicate with ADS and Domain Functional Level ‘Server 2016’.
Links
- VMware KB 2071592 – Versions of Active Directory supported in vCenter Server
- Microsoft – Understanding Active Directory Domain Services (AD DS) Functional Levels