Red Hat Bugzilla – Bug 1484683
[RFE] Support Windows Server 2016 Domain/Forest Functional Levels
Last modified: 2018-05-30 08:53:20 EDT
Description of problem:
IdM Server currently supports Windows 2016, but only with maximum Windows 2012 R2 Forest/Domain Functional Level:
* You can establish a trust relationship with the following Active Directory functional levels:
* Forest functional level range: Windows Server 2008 - Windows Server 2012 R2
Domain functional level range: Windows Server 2008 - Windows Server 2012 R2
* The following operating systems are explicitly supported and tested for establishing a trust using the mentioned functional levels:
* Windows Server 2012 R2
* Windows Server 2016
Related level description documentation:
This RFE is to add a support of Windows Server 2016 Forest/Domain Functional Levels:
The primary goal is IdM-AD Trust functionality. Secondary (optional) goal is Winsync agreement functionality.
This work requires switching to use of Kerberos when establishing trust as this will help us working with SMB1-disabled Windows Server 2016:
Linked to this Bugzilla.
Based on Alexander's comment, unlining Pagure issue 4960 (Use Kerberos to establish trust) because it is strictly speaking unrelated.
The RFE was tested in RHEL-7.5 with Windows Server 2016, there should not be anything preventing it from working. Unfortunately, it was not added to the RHEL-7.5 IPA errata, so the bug stayed in NEW state. As we can no longer add the bug to errata cleanly, I am manually switching the bug to CLOSED.