vCenter and AD Domain Functional Level

If you’re running a vCenter appliance with Active Directory integration you should take care about your Domain Functional Level. It is crucial to closely work together with the domain administrators team, for some vCenter versions may not support the latest level supported by Windows Server 2016.

What is the Domain Functional Level?

Functional levels determine the available Active Directory Domain Services domain capabilities. They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. Choosing a Functional Level of Windows Server 2012 implies that there can’t be any Domain Controllers prior that level (like Server 2008 R2).

Functional levels do not affect which operating systems you can run on workstations or servers that are joined to the domain.

Set the domain and forest functional levels to the highest value that your environment can support. This way, you can use as many ADS features as possible. Continue reading “vCenter and AD Domain Functional Level”

Joining VCSA to Active Directory

Joining Active Directory with vCenter Server Appliance (VCSA) has been simplified with every generation of VCSA.

I will show the workflow how to connect a VCSA 6.7 to an Active Directory source. The process differs a little, depending whether you’re using the HTML5-Client or the Web-Client (Flash).

Requirements

  • VCSA hostname has to be FQDN and may not be an IP address.
  • You need to login with a member of systemconfiguration admins, which administrator@vsphere.local is by default.

Workflow

The workflow is divided into three steps

  • Join VCSA to ADS
  • Reboot
  • Add ADS as identity source

Continue reading “Joining VCSA to Active Directory”